{"id":7603,"date":"2024-09-18T10:37:36","date_gmt":"2024-09-18T16:37:36","guid":{"rendered":"https:\/\/beaconlab.mx\/?post_type=publicacion&#038;p=6220"},"modified":"2024-10-21T19:41:05","modified_gmt":"2024-10-22T00:41:05","slug":"2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812","status":"publish","type":"publicacion","link":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/","title":{"rendered":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812"},"content":{"rendered":"<h2>Producto(s) afectado:<\/h2>\n<ul>\n<li>Servidor VMware vCenter<\/li>\n<li>Fundaci\u00f3n VMware Cloud<\/li>\n<\/ul>\n<h2>Descripci\u00f3n<\/h2>\n<p>&nbsp;<\/p>\n<p>Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como <strong>CVE-2024-38812<\/strong>, reportada por los investigadores de TZL durante el concurso de pirater\u00eda <strong>Matrix Cup 2024<\/strong> en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad <strong>CVSS 9.8<\/strong>, se debe a un desbordamiento de pila en la implementaci\u00f3n del protocolo <strong>DCE\/RPC<\/strong> en vCenter Server, lo que permite la ejecuci\u00f3n de c\u00f3digo remoto mediante paquetes especialmente dise\u00f1ados. Los atacantes con acceso a la red podr\u00edan comprometer por completo el entorno de vCenter, afectando gravemente la infraestructura virtualizada de las organizaciones.<\/p>\n<p>Adicionalmente, se reporta la <strong>CVE-2024-38813<\/strong>, una vulnerabilidad que facilita la <strong>escalada de privilegios a root<\/strong>. Ambas vulnerabilidades representan un riesgo severo para la seguridad empresarial, dado que permiten tanto la ejecuci\u00f3n remota de c\u00f3digo como la elevaci\u00f3n de privilegios.<\/p>\n<p>Se recomienda encarecidamente aplicar las actualizaciones de seguridad proporcionadas por VMware de manera inmediata para mitigar estos riesgos y evitar compromisos en los sistemas.<\/p>\n<p>Estas fallas requieren atenci\u00f3n urgente para evitar incidentes de seguridad que puedan comprometer entornos cr\u00edticos.<\/p>\n","protected":false},"featured_media":6222,"template":"","class_list":["post-7603","publicacion","type-publicacion","status-publish","has-post-thumbnail","hentry"],"acf":{"activar_pdf_link":true,"pdf":6221,"numero_de_boletin":"","traffic_light_protocol":"Amber"},"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.9 - aioseo.com -->\n\t<meta name=\"description\" content=\"Producto(s) afectado: Servidor VMware vCenter Fundaci\u00f3n VMware Cloud Descripci\u00f3n Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad CVSS 9.8, se debe a un\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.9\" \/>\n\t\t<meta property=\"og:locale\" content=\"es_ES\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Beacon Lab - CSIRT by Cybolt\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812 - Beacon Lab\" \/>\n\t\t<meta property=\"og:description\" content=\"Producto(s) afectado: Servidor VMware vCenter Fundaci\u00f3n VMware Cloud Descripci\u00f3n Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad CVSS 9.8, se debe a un\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/beaconlab.us\/wp-content\/uploads\/2024\/09\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/beaconlab.us\/wp-content\/uploads\/2024\/09\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg\" \/>\n\t\t<meta property=\"og:image:width\" content=\"896\" \/>\n\t\t<meta property=\"og:image:height\" content=\"896\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2024-09-18T16:37:36+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2024-10-22T00:41:05+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@BeaconLabMX\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812 - Beacon Lab\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Producto(s) afectado: Servidor VMware vCenter Fundaci\u00f3n VMware Cloud Descripci\u00f3n Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad CVSS 9.8, se debe a un\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/beaconlab.us\/wp-content\/uploads\/2024\/09\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#listItem\",\"name\":\"Alerta 2024-36 Vulnerabilidad Cr\\u00edtica en VMware CVE-2024-38812\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#listItem\",\"position\":2,\"name\":\"Alerta 2024-36 Vulnerabilidad Cr\\u00edtica en VMware CVE-2024-38812\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#listItem\",\"name\":\"Home\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#organization\",\"name\":\"Beacon Lab\",\"description\":\"CSIRT by Cybolt\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/\",\"telephone\":\"+528007374357\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/beaconlab.mx\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/BeaconLab_V2-03.png\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#organizationLogo\"},\"image\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#organizationLogo\"},\"sameAs\":[\"https:\\\/\\\/twitter.com\\\/BeaconLabMX\",\"https:\\\/\\\/www.linkedin.com\\\/showcase\\\/beaconlabmx\"]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#webpage\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/\",\"name\":\"Alerta 2024-36 Vulnerabilidad Cr\\u00edtica en VMware CVE-2024-38812 - Beacon Lab\",\"description\":\"Producto(s) afectado: Servidor VMware vCenter Fundaci\\u00f3n VMware Cloud Descripci\\u00f3n Se ha identificado una vulnerabilidad cr\\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\\u00f3n de gravedad CVSS 9.8, se debe a un\",\"inLanguage\":\"es-ES\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#breadcrumblist\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#mainImage\",\"width\":896,\"height\":896,\"caption\":\"CVE-2024-38812\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\\\/#mainImage\"},\"datePublished\":\"2024-09-18T10:37:36-06:00\",\"dateModified\":\"2024-10-21T19:41:05-06:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#website\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/\",\"name\":\"Beacon Lab\",\"description\":\"CSIRT by Cybolt\",\"inLanguage\":\"es-ES\",\"publisher\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812 - Beacon Lab","description":"Producto(s) afectado: Servidor VMware vCenter Fundaci\u00f3n VMware Cloud Descripci\u00f3n Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad CVSS 9.8, se debe a un","canonical_url":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BreadcrumbList","@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/#listItem","position":1,"name":"Home","item":"https:\/\/beaconlab.us\/es\/","nextItem":{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#listItem","name":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812"}},{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#listItem","position":2,"name":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812","previousItem":{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/#listItem","name":"Home"}}]},{"@type":"Organization","@id":"https:\/\/beaconlab.us\/es\/#organization","name":"Beacon Lab","description":"CSIRT by Cybolt","url":"https:\/\/beaconlab.us\/es\/","telephone":"+528007374357","logo":{"@type":"ImageObject","url":"https:\/\/beaconlab.mx\/wp-content\/uploads\/2023\/12\/BeaconLab_V2-03.png","@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#organizationLogo"},"image":{"@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#organizationLogo"},"sameAs":["https:\/\/twitter.com\/BeaconLabMX","https:\/\/www.linkedin.com\/showcase\/beaconlabmx"]},{"@type":"WebPage","@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#webpage","url":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/","name":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812 - Beacon Lab","description":"Producto(s) afectado: Servidor VMware vCenter Fundaci\u00f3n VMware Cloud Descripci\u00f3n Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad CVSS 9.8, se debe a un","inLanguage":"es-ES","isPartOf":{"@id":"https:\/\/beaconlab.us\/es\/#website"},"breadcrumb":{"@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#breadcrumblist"},"image":{"@type":"ImageObject","url":"https:\/\/beaconlab.us\/wp-content\/uploads\/2024\/09\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg","@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#mainImage","width":896,"height":896,"caption":"CVE-2024-38812"},"primaryImageOfPage":{"@id":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/#mainImage"},"datePublished":"2024-09-18T10:37:36-06:00","dateModified":"2024-10-21T19:41:05-06:00"},{"@type":"WebSite","@id":"https:\/\/beaconlab.us\/es\/#website","url":"https:\/\/beaconlab.us\/es\/","name":"Beacon Lab","description":"CSIRT by Cybolt","inLanguage":"es-ES","publisher":{"@id":"https:\/\/beaconlab.us\/es\/#organization"}}]},"og:locale":"es_ES","og:site_name":"Beacon Lab - CSIRT by Cybolt","og:type":"article","og:title":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812 - Beacon Lab","og:description":"Producto(s) afectado: Servidor VMware vCenter Fundaci\u00f3n VMware Cloud Descripci\u00f3n Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad CVSS 9.8, se debe a un","og:url":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/","og:image":"https:\/\/beaconlab.us\/wp-content\/uploads\/2024\/09\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg","og:image:secure_url":"https:\/\/beaconlab.us\/wp-content\/uploads\/2024\/09\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg","og:image:width":896,"og:image:height":896,"article:published_time":"2024-09-18T16:37:36+00:00","article:modified_time":"2024-10-22T00:41:05+00:00","twitter:card":"summary_large_image","twitter:site":"@BeaconLabMX","twitter:title":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812 - Beacon Lab","twitter:description":"Producto(s) afectado: Servidor VMware vCenter Fundaci\u00f3n VMware Cloud Descripci\u00f3n Se ha identificado una vulnerabilidad cr\u00edtica en la plataforma vCenter Server de VMware, conocida como CVE-2024-38812, reportada por los investigadores de TZL durante el concurso de pirater\u00eda Matrix Cup 2024 en China. Esta vulnerabilidad, con una puntuaci\u00f3n de gravedad CVSS 9.8, se debe a un","twitter:image":"https:\/\/beaconlab.us\/wp-content\/uploads\/2024\/09\/Leonardo_Phoenix_A_futuristic_hightech_illustration_depicting_2.jpg"},"aioseo_meta_data":{"post_id":"7603","title":null,"description":null,"keywords":null,"keyphrases":{"focus":{"keyphrase":"","score":0,"analysis":{"keyphraseInTitle":{"score":0,"maxScore":9,"error":1}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"WebPage","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2024-10-21 15:06:59","updated":"2025-09-24 06:15:44","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/beaconlab.us\/es\/\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tAlerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/beaconlab.us\/es\/"},{"label":"Alerta 2024-36 Vulnerabilidad Cr\u00edtica en VMware CVE-2024-38812","link":"https:\/\/beaconlab.us\/es\/publicacion\/2024-36-vulnerabilidad-critica-en-vmware-cve-2024-38812\/"}],"_links":{"self":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/7603","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion"}],"about":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/types\/publicacion"}],"version-history":[{"count":1,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/7603\/revisions"}],"predecessor-version":[{"id":7793,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/7603\/revisions\/7793"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/media\/6222"}],"wp:attachment":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/media?parent=7603"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}