KEVIntel
Back to KEVs
6.8
CVSS
Medium

CVE-2024-37085

PUBLISHED

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full...

Exploited in the wild Used in malware PoC available Remote Low complexity
Vendor
VMware
Product
VMware ESXi, VMware Cloud Foundation
Published
Jun 25, 2024
EPSS

Description

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.

cisa malware ransomware nessus_scanner

CVSS scores

CVSS v3.1 6.8 Medium

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2024-07-30 00:00:00 UTC · Source

Used in malware

Recorded 2024-07-30 00:00:00 UTC · Source

Proof of concept available

Recorded 2024-08-02 13:31:59 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Jul 30, 2024

Scanner integrations

Scanner Reference Detected
Nessus https://www.tenable.com/plugins/nessus/201123 Jun 02, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

mahmutaymahmutay/CVE-2024-37085

github · Created 2024-08-02 13:31:59 UTC · 2 stars

Vulnerability Scanner for CVE-2024-37085 and Exploits ( For Educational Purpose only)

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel

  • Proof of Concept Exploit Available

  • Detected by Nessus