CVE-2024-37079
ENISA EUVD: EUVD-2024-36412 ↗
Exploited in the Wild
✓ Confirmed 0-Day
Triaged: March 5, 2026
4 articles
EPSS Score
Source: FIRST.org · 2026-05-23
82.05%
probability
This CVE has a 82.05% probability
of being exploited in the next 30 days.
0%
Top 99.2th percentile of all CVEs
100%
CVSS v3.1
Source: NVD9.8
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
NVDvCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
Affected Products
vmware
cloud foundation
vmware
vcenter server
Attack Intelligence
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-37079
US Government Resource
Signal Intelligence
Confidence
85%
EPSS
82.05%
CVSS v3.1
9.8
Mentions
4
Last Seen
Jan 24, 2026
CNA Information
Analyst Note
CVE-2024-37079 was patched by VMware in June 2024 and subsequently added to CISA's KEV catalog citing active exploitation in the wild. The timing—patch released June 2024, exploitation confirmed shortly after—combined with CISA's explicit documentation of in-the-wild attacks demonstrates zero-day exploitation occurred before or concurrent with patch availability.
Threat Actors 5
Void Arachne
apt_group
Information theft and espionage
🇨🇳 CN
APT 28
apt_group
Information theft and espionage
🇷🇺 RU
TAG-28
apt_group
Information theft and espionage
🇨🇳 CN
Roaming Tiger
apt_group
Information theft and espionage
🇨🇳 CN
White Bear
apt_group
Information theft and espionage
🇷🇺 RU
Triage Info
Decided atMar 05, 2026