VMware ESXi Authentication Bypass Vulnerability
- When
- · day precision
- Where
- Global (internet)
- Category
- cyber_exploit · ransomware
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.
Involved actors & entities
People, organizations and places machine-extracted from the source reporting — they power search and the correlation graph. Extracted automatically, so they can include noise, especially on events still marked unverified.
Sources
- CISA ↗ · first seen 2024-07-30 00:00 UTC
Defaxon links out to the original reporting and never republishes article text.
Correlated events
Computed by the Defaxon correlation engine — linked by shared actors, co-location, and temporal proximity. Scored hypotheses, never causal claims.
No correlated events found in the current window. As more events arrive, connections form automatically.