CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the