20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns of Massive Exploitation
Microsoft has issued a significant security alert regarding a vulnerability in VMware ESXi hypervisors, which ransomware operators have actively exploited. According to the Shadowserver Foundation, the vulnerability, identified as CVE-2024-37085, exposed 20,275 instances as of July 30, 2024.
The CVE-2024-37085 vulnerability is an authentication bypass flaw with a CVSS score of 6.8. It specifically affects domain-joined ESXi hypervisors, allowing attackers with sufficient Active Directory (AD) permissions to gain full administrative control over the hypervisor.