vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
https://securityaffairs.com/171147/security/vmware-vcenter-server-bugs-actively-exploited.html
https://thehackernews.com/2024/09/patch-issued-for-critical-vmware.html
https://www.helpnetsecurity.com/2024/06/18/cve-2024-37079-cve-2024-37080/
https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html
https://cloud.google.com/support/bulletins/index#gcp-2024-037