BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
ERP
Information Technology
Infrastructure
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
VMware vSphere
Authentication Bypass
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedVMware vSphere

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2024-37085

Critical ESXi Authentication Bypass: Defending Against CVE-2024-37085 and AD-Based Lateral Movement

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.

ESXi
View Detail