IDPS signature update for CVE-2024-38812


Article ID: 410917


Products

VMware vCenter Server
VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

VMware by Broadcom recently published VMware Security Advisory VMSA-2024-0019, which details vulnerabilities affecting VMware products that could potentially be exploited by malicious actors. This KB announces two Intrusion Detection and Prevention System (IDPS) signatures and provides guidance on how to use them to detect and mitigate potential exploitation attempts of the vulnerability CVE-2024-38812.

Environment

VMware vCenter Server 7.0 (before 7.0 U3s), 8.0 (before 8.0 U3b)

Response matrix available in the security advisory for VMSA-2024-0019:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968

Cause

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet, potentially leading to remote code execution.

Resolution

The VMware vDefend IDPS signatures with IDs 113975501 and 113975601 have been developed to detect and mitigate exploitation attempts of the vulnerability CVE-2024-38812.

For information on how to set up Distributed IDS/IPS and Gateway IDS/IPS for VMware vDefend and enable automatic IDPS signature updates, see:

NSX 4.2:
https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/vdefend/vdefend-atp/4-2/nsx-ids-ips-and-nsx-malware-prevention/nsx-ids-ips-and-nsx-malware-prevention/getting-started-with-nsx-ids-ips-and-nsx-malware-prevention/configuring-nsx-ids-ips-and-nsx-malware-prevention-settings.html

NSX 9.0:
https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/vdefend/vdefend-atp/9-0/nsx-ids-ips-and-nsx-malware-prevention.html

Released IDPS signatures can be viewed in the vDefend Threat Intelligence Service portal:
https://portal.securityti.vmware.com/#/app/ids-signatures