VMware News Articles

Previously patched vCenter vulnerabilities actively exploited

These vulnerabilities, which enable remote code execution and privilege escalation, were supposedly fixed in September.

2 weeks ago

VMware vCenter Server RCE Vulnerability Actively Exploited in Attacks

Broadcom has issued an urgent warning that two critical vulnerabilities in VMware vCenter Server are now being actively exploited in the wild.

2 weeks ago

CVE-2024-38812CVE-2024-38813

Critical RCE bug in VMware vCenter Server now exploited in attacks

Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw.

2 weeks ago

SecurityWeek

VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw

The saga of VMWare’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage.

2 weeks ago

CyberSecurityNews

PoC Published for VMWare vCenter Server RCE Vulnerability CVE-2024-38812

Security researchers have discovered and detailed a critical remote code execution (RCE) vulnerability in the VMware vCenter Server, identified as CVE-2024-38812.

1 month ago

CVE-2024-38812CVE-2024-37383

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed

1 month ago

VMware fixes bad patch for critical vCenter Server RCE flaw

VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024.

1 month ago

VMware fixes critical vCenter Server RCE bug - again! (CVE-2024-38812) - Help Net Security

New patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server are out.

1 month ago

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months.

1 month ago

The Hacker News

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

VMware releases a patch for critical vCenter Server vulnerability CVE-2024-38812, urging users to update now.

1 month ago

CyberSecurityNews

VMware vCenter Server Vulnerabilities Let Attackers Execute Remote Code

Broadcom has released critical security updates to address severe vulnerabilities in VMware vCenter Server that could allow attackers to execute remote code and escalate privileges.

1 month ago

CVE-2024-38814

VMware fixes high-severity SQL injection CVE-2024-38814 in HCX

VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager.

2 months ago

SecurityWeek

CVE-2024-38814

VMware Patches High-Severity SQL Injection Flaw in HCX Platform

VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager.

2 months ago

The Stack

CVE-2023-34048

VMware critical RCE vulnerability in vCenter Server identified in $2.5 million Chinese zero day competition

There is no workaround for the critical CVE, which is one of a pair of bugs which let attackers carry out remote code execution or escalate privileges.

2 months ago

Critical VMware vCenter Server bugs fixed (CVE-2024-38812) - Help Net Security

CVE-2024-38812 is an unauthenticated heap-overflow vulnerability in the implementation of the DCE/RPC protocol that could lead to RCE.

3 months ago

The Hacker News

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

Broadcom patches critical VMware vCenter Server vulnerability, CVE-2024-38812, preventing remote code execution. Update now.

3 months ago

BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets

The pivot is one of several changes the groups using the malware have used in recent attacks.

3 months ago

SC Media

CVE-2023-34048

Prolonged exploitation of VMware zero-day conducted by Chinese hackers

Attacks exploiting a critical out-of-bounds write zero-day vulnerability in VMware Center Server, tracked as CVE-2023-34048, have been deployed by Chinese cyberespionage operation UNC3886 since 2021, two years before the flaw was identified and addressed, reports The Hacker News.

4 months ago

+20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085

Researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited CVE-2024-37085.

4 months ago

TechRepublic

Microsoft Says VMware ESXi Flaw is Being Exploited By Ransomware Groups

The CVE-2024-37085 vulnerability is present in VMware ESXi hypervisors and has been used to deploy ransomware, according to Microsoft.

4 months ago

20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns of Massive Exploitation

According to the Shadowserver Foundation, the vulnerability, identified as CVE-2024-37085, exposed 20,275 instances as of July 30, 2024.

4 months ago

Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs

With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.

4 months ago

CISA warns of VMware ESXi bug exploited in ransomware attacks

CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks.

4 months ago

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085) - Help Net Security

Ransomware operators have leveraged CVE-2024-37085 to gain full admin access to enterprises' VMware ESXi hypervisors.

4 months ago

Ransomware gangs are loving this dumb but deadly ESXi flaw

Do you have your VMware ESXi hypervisor joined to Active Directory? Well, the latest news from Microsoft serves as a reminder that you might not want to do that given the recently patched vulnerability that...

4 months ago

The Register

Ransomware gangs are loving this dumb but deadly ESXi flaw

4 months ago

TechTarget

Microsoft: Ransomware gangs exploiting VMware ESXi flaw | TechTarget

Microsoft researchers discovered and reported an actively exploited ESXi flaw to VMware earlier this year.

4 months ago

CXOToday.com

Ransomware Groups Exploiting CVE-2024-37085: Comment from Scott Caveza, Staff Research Engineer at Tenable

“Several ransomware groups have targeted virtual machines as part of their attack chains, which can have a crippling effect on an impacted organization. These financially motivated groups are quick to encrypt...

4 months ago

The Stack

Bonkers "ESX Admins" VMware vulnerability exploited

A VMware vulnerability, CVE-2024-37085 is being exploited to gain full administrative access to ESXi hypervisors via the ESX Admins group even if

4 months ago

The Hacker News

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access

VMware ESXi flaw CVE-2024-37085 actively exploited by ransomware groups to gain admin access and deploy malware.

4 months ago

Ransomware Gangs Exploiting VMware ESXi Auth Bypass Flaw for Mass Attacks

Microsoft researchers have found a critical vulnerability in VMware's ESXi hypervisors. Ransomware operators are using this problem to attack systems.

4 months ago

Ransomware gangs exploit VMware ESXi bug CVE-2024-37085

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw.

4 months ago

Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks

Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks.

4 months ago

Microsoft

Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption | Microsoft Security Blog

Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory ...

4 months ago

SecurityWeek

Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw

VMware did not mention in-the-wild exploitation for CVE-2024-37085 but Microsoft says ransomware gangs are abusing the just-patched flaw.

4 months ago

AttackerKB

CVE-2024-22274

CVE-2024-22274 | AttackerKB

The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance she…

4 months ago

iTnews

CVE-2023-20867

Chinese attackers exploiting unpatched VMware ESXi instances

Security researchers from Mandiant have identified a Chinese APT group exploiting a VMware ESXi zero-day vulnerability as part of a campaign tracked since September...

4 months ago

www.thehackerwire.com

CVE-2024-37081

We believe that knowledge is the ultimate weapon against cyber threats. By breaking down complex concepts, democratizing technical expertise, and fostering a dialogue around cybersecurity, TheHackerWire...

5 months ago

Red Hot Cyber

CVE-2024-22274

L’exploit POC per l’RCE di VMware vCenter Server è ora disponibile Online!

Disponibile l'exploit pubblico per la RCE su L’exploit POC per l’RCE di VMware vCenter per eseguire comandi arbitrari con privilegi di root.

5 months ago

CVE-2024-22274

PoC Exploit Released for VMware vCenter Server RCE Vulnerability

A proof-of-concept (PoC) exploit has been released for a critical vulnerability in the VMware vCenter Server, potentially allowing authenticated remote code execution.

5 months ago

CVE-2024-37085CVE-2024-37086

VMware ESXi Vulnerability Allows Attackers to Bypass Authentication

These vulnerabilities, identified as CVE-2024-37085, CVE-2024-37086, and CVE-2024-37087, pose significant risks to organizations using VMware ESXi for their virtualized environments.

5 months ago

SC Media

CVE-2024-37080CVE-2024-37079

VMware fixes 2 critical bugs; check if your vCenter Server is affected

The heap overflow flaws affect vSphere and Cloud Foundation and could enable RCE.

5 months ago

Hackread

Broadcom Advises Urgent Patch for Severe VMware vCenter Server Vulnerabilities

Broadcom, the owner firm of VMware, discloses critical vulnerabilities affecting VMware vCenter Server and the virtualized environment it manages.

6 months ago

VMware fixes critical vCenter RCE vulnerability, patch now

VMware has issued a security advisory addressing critical vulnerabilities in vCenter Server, including remote code execution and local privilege escalation flaws.

6 months ago

Infosecurity Magazine

VMware Discloses Critical Vulnerabilities, Urges Immediate Remediation

VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, with patches available for customers

6 months ago

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) - Help Net Security

VMware fixes two RCE flaws (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server, vSphere and Cloud Foundation.

6 months ago