CVE-2024-37085 | Exploit Available

VMware ESXi Authentication Bypass via Active Directory

🏭 VMware (Broadcom) | CWE-287 | #Authentication Bypass #VMware #Ransomware #Active Directory
CVSS score: 7.2 High (scale 0 to 10.0)

Vulnerability Description

A critical authentication bypass in VMware ESXi allows an attacker with sufficient Active Directory permissions to gain full administrative access to the ESXi host by recreating a specific AD group. Actively exploited by ransomware groups.

Recommended Mitigation

Patch ESXi to the latest version. Remove ESXi from AD and use local directory authentication. Implement network-level access control to the ESXi management interface.

Affected Products

VMware ESXi 7.x
VMware ESXi 8.x
VMware vSphere

Version constraint: ESXi 7.0 U3 < ESXi70U3sq-23794019, ESXi 8.0 U2 < ESXi80U2sb-23305546

Quick Facts

Published: 2024-07-25
Last Modified: 2024-07-30
Vendor: VMware (Broadcom)
CWE: CWE-287
Exploit: ⚠️ Public Exploit Exists

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H