CVE-2024-37085
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
Summary
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management (https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html) by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.
Related news
- VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)
- Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability
- CISA warns of VMware ESXi bug exploited in ransomware attacks
- Microsoft Says Ransomware Groups Are Exploiting the Newly-Patched VMware ESXi Flaw