https://community.isc2.org/t5/Threats/CISA-warns-of-VMware-ESXi-bug-exploited-in-ransomware-attacks/m-p/72739#M1313 <P>CISA's directive for U.S. Federal Civilian Executive Branch agencies to secure their servers highlights the critical nature of the VMware ESXi vulnerability (CVE-2024-37085). This flaw, fixed in the recent ESXi 8.0 U3 release, allows attackers to gain high privileges and add a user with full administrative rights. It's a significant security risk, and timely action is essential to prevent exploitation, especially given its use in ransomware attacks.</P> Fri, 02 Aug 2024 17:47:52 GMT leefarrellhelps 2024-08-02T17:47:52Z https://community.isc2.org/t5/Threats/CISA-warns-of-VMware-ESXi-bug-exploited-in-ransomware-attacks/m-p/72652#M1299 <P>Dear All,</P><P>&nbsp;</P><P><SPAN>CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks.</SPAN></P><P>&nbsp;</P><P>Broadcom subsidiary VMware fixed this flaw (<A href="https://nvd.nist.gov/vuln/detail/CVE-2024-37085" target="_blank" rel="nofollow noopener">CVE-2024-37085</A>) discovered by Microsoft security researchers on June 25 with the release of ESXi 8.0 U3.</P><P>CVE-2024-37085 allows attackers to add a new user to the 'ESX Admins' group—not present by default but can be added after gaining high privileges on the ESXi hypervisor—which will automatically be assigned full administrative privileges.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-warns-of-vmware-esxi-bug-exploited-in-ransomware-attacks/</A></P><P>&nbsp;</P><P>&nbsp;</P> Wed, 31 Jul 2024 06:33:27 GMT https://community.isc2.org/t5/Threats/CISA-warns-of-VMware-ESXi-bug-exploited-in-ransomware-attacks/m-p/72652#M1299 Kyaw_Myo_Oo 2024-07-31T06:33:27Z https://community.isc2.org/t5/Threats/CISA-warns-of-VMware-ESXi-bug-exploited-in-ransomware-attacks/m-p/72739#M1313 <P>CISA's directive for U.S. Federal Civilian Executive Branch agencies to secure their servers highlights the critical nature of the VMware ESXi vulnerability (CVE-2024-37085). This flaw, fixed in the recent ESXi 8.0 U3 release, allows attackers to gain high privileges and add a user with full administrative rights. It's a significant security risk, and timely action is essential to prevent exploitation, especially given its use in ransomware attacks.</P> Fri, 02 Aug 2024 17:47:52 GMT https://community.isc2.org/t5/Threats/CISA-warns-of-VMware-ESXi-bug-exploited-in-ransomware-attacks/m-p/72739#M1313 leefarrellhelps 2024-08-02T17:47:52Z https://community.isc2.org/t5/Threats/CISA-warns-of-VMware-ESXi-bug-exploited-in-ransomware-attacks/m-p/72767#M1318 <P>Thanks for sharing&nbsp;<a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/1013146939">@leefarrellhelps</a>.</P><P>&nbsp;</P><P>&nbsp;</P> Sat, 03 Aug 2024 07:38:48 GMT https://community.isc2.org/t5/Threats/CISA-warns-of-VMware-ESXi-bug-exploited-in-ransomware-attacks/m-p/72767#M1318 Kyaw_Myo_Oo 2024-08-03T07:38:48Z