VMware ESXi Out-of-Bounds Read Vulnerability Could Lead to Denial of Service
CVE-2024-37086

6.8 MEDIUM

Key Information:

Vendor
VMware
CVE Published:
25 June 2024

Badges

📰 News Worthy

Summary

VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the host.

Affected Version(s)

ESXi 8.0

ESXi 7.0

VMware Cloud Foundation 5.x

News Articles

VMware ESXi Vulnerability Allows Attackers to Bypass Authentication

These vulnerabilities, identified as CVE-2024-37085, CVE-2024-37086, and CVE-2024-37087, pose significant risks to organizations using VMware ESXi for their virtualized environments.

7 months ago

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 📰

    First article discovered by CybersecurityNews

  • Vulnerability published

  • Vulnerability Reserved
