vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
https://thecyberthrone.in/2024/06/18/vmware-fixes-critical-vulnerabilities-in-its-products/
https://www.theregister.com/2024/06/18/vmware_criticial_vcenter_flaws/
https://www.helpnetsecurity.com/2024/06/18/cve-2024-37079-cve-2024-37080/
https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html
https://cloud.google.com/support/bulletins/index#gcp-2024-037