Lucene search
K

6 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/07/30 12:28 a.m.164 views

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On Monday, July 29, Microsoft published an extensive threat intelligence blog on observed exploitation of CVE-2024-37085, an Active Directory integration authentication bypass vulnerability affecting Broadcom VMware ESXi hypervisors. The vulnerability, according to Redmond, was identified in...

9.8CVSS7.8AI score0.96823EPSS
Exploits2
Circl
Circl
added 2024/06/28 4:0 a.m.10 views

CVE-2024-37085

creationtimestamp| type| source ---|---|--- 2024-06-28 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1319 2024-07-29 20:58:17+00:00| exploited| https://t.me/informationsecuritychannel/52639 2024-07-30 00:00:05+00:00| seen| https://t.me/ctinow/220983 2024-07-30...

7.2CVSS6.9AI score0.2677EPSS
Exploits0References53
Tenable Nessus
Tenable Nessus
added 2024/06/28 12:0 a.m.285 views

VMware ESXi 7.0 / 8.0 Authenticaton Bypass (CVE-2024-37085)

The version of VMware ESXi installed on the remote host is prior to 8.0 Update 3. It is, therefore, affected by an authentication bypass vulnerability as referenced in the VMSA-2024-0013 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's...

7.2CVSS8.8AI score0.2677EPSS
Exploits0References2
OSV
OSV
added 2024/06/25 3:15 p.m.6 views

CVE-2024-37085

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory AD permissions can gain full access to an ESXi host that was previously configured to use AD for user management...

7.2CVSS5.8AI score0.2677EPSS
Exploits0References2
VMware
VMware
added 2024/06/25 12:0 a.m.58 views

VMSA-2024-0013:VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2024-37085, CVE-2024-37086, CVE-2024-37087)

Advisory ID: | VMSA-2024-0013.2 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 5.3-6.8 Synopsis: | VMware ESXi and vCenter Server updates address multiple vulnerabilities CVE-2024-37085, CVE-2024-37086, CVE-2024-37087 Issue date: | 2024-06-25 Updated on: | 2024-08-12 CVEs | CVE-2024-37085,...

7.2CVSS7.7AI score0.2677EPSS
Exploits0References25Affected Software3
VulnCheck KEV
VulnCheck KEV
added 2024/04/23 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-37085

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory AD permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group 'ESXi Admins' by default...

7.2CVSS7.4AI score0.2677EPSS
Exploits0References1
Rows per page
Query Builder