VMware ESXi hypervisor vulnerability grants full admin privileges
- by nlqip
Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to gain full administrative access to a domain-joined hypervisor.
The problem, identified as CVE-2024-37085, granted full admin privileges to members of a domain group, without proper validation. It has been used by several ransomware groups such as Storm-0506, Storm-1175, Octo Tempest, and Manatee Tempest, after they gained access to a network, to deploy ransomware.
“While there are worse things that could happen in the weeks leading up to your marquee customer and partner event, a vulnerability announcement based on an exploit that was actually seen in the wild, well, that’s certainly up there,” observed John Annand, research practice lead at Info-Tech Research Group. “So, Broadcom, and Microsoft for that matter, are yet again forced to spend more time and effort on reassuring rather than inspiring customers.”
Source link
lol
Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to gain full administrative access to a domain-joined hypervisor. The problem, identified as CVE-2024-37085, granted full admin privileges to members of a domain group, without proper validation. It has been used by several ransomware groups such…
Recent Posts
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict
- Jury Sides With Qualcomm Over Arm In Case Related To Snapdragon X PC Chips
- Equinix Makes Dell AI Factory With Nvidia Available Through Partners
- AMD’s EPYC CPU Boss Seeks To Push Into SMB, Midmarket With Partners
- Fortinet Releases Security Updates for FortiManager | CISA