{"id":55181,"date":"2024-07-29T21:02:35","date_gmt":"2024-07-29T21:02:35","guid":{"rendered":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/"},"modified":"2024-07-29T21:02:35","modified_gmt":"2024-07-29T21:02:35","slug":"hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin","status":"publish","type":"post","link":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/","title":{"rendered":"Hackers exploit VMware vulnerability that gives them hypervisor admin"},"content":{"rendered":"<div>\n<div id=\"rss-wrap\">\n<figure class=\"intro-image intro-left\">\n  <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/09\/code-vulnerability-security-800x534.jpg\" alt=\"Hackers exploit VMware vulnerability that gives them hypervisor admin\" \/><\/p>\n<p class=\"caption\" style=\"font-size:0.8em\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/09\/code-vulnerability-security.jpg\" class=\"enlarge-link\" data-height=\"667\" data-width=\"1000\">Enlarge<\/a> (credit: Getty Images)<\/p>\n<\/figure>\n<div><a name=\"page-1\"><\/a><\/div>\n<p>Microsoft is urging users of VMware\u2019s ESXi hypervisor to take immediate action to ward off ongoing attacks by ransomware groups that give them full administrative control of the servers the product runs on.<\/p>\n<p>The vulnerability, tracked as CVE-2024-37085, allows attackers who have already gained limited system rights on a targeted server to gain full administrative control of the ESXi hypervisor. Attackers affiliated with multiple ransomware syndicates\u2014including Storm-0506, Storm-1175, Octo Tempest, and Manatee Tempest\u2014have been exploiting the flaw for months in numerous post-compromise attacks, meaning after the limited access has already been gained through other means.<\/p>\n<div class=\"centered-figure-container\">\n<div class=\"center\" style=\"width:640px\"><iframe loading=\"lazy\" src=\"https:\/\/cyberplace.social\/@GossiTheDog\/112870822471780457\/embed\" scrolling=\"no\" width=\"640\" height=\"480\" frameborder=\"0\"><\/iframe><\/div>\n<\/div>\n<h2>Admin rights assigned by default<\/h2>\n<p>Full administrative control of the hypervisor gives attackers various capabilities, including encrypting the file system and taking down the servers they host. The hypervisor control can also allow attackers to access hosted virtual machines to either exfiltrate data or expand their foothold inside a network. Microsoft discovered the vulnerability under exploit in the normal course of investigating the attacks and reported it to VMware. VMware parent company Broadcom <a href=\"https:\/\/support.broadcom.com\/web\/ecx\/support-content-notification\/-\/external\/content\/SecurityAdvisories\/0\/24505\">patched<\/a> the vulnerability on Thursday.<\/p>\n<\/div>\n<p><a href=\"https:\/\/arstechnica.com\/?p=2039863#p3\">Read 8 remaining paragraphs<\/a> | <a href=\"https:\/\/arstechnica.com\/?p=2039863&amp;comments=1\">Comments<\/a><\/p>\n<\/div>\n<p class=\"wpematico_credit\"><small>Powered by <a href=\"http:\/\/www.wpematico.com\" target=\"_blank\" rel=\"noopener\">WPeMatico<\/a><\/small><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Enlarge (credit: Getty Images) Microsoft is urging users of VMware\u2019s ESXi hypervisor to take immediate action to ward off ongoing attacks by ransomware groups that give them full administrative control of the servers the product runs on. The vulnerability, tracked as CVE-2024-37085, allows attackers who have already gained limited system rights on a targeted server to gain full administrative control of the ESXi hypervisor. Attackers affiliated with multiple ransomware syndicates\u2014including&#8230;<\/p>\n","protected":false},"author":1,"featured_media":55182,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[241],"tags":[],"class_list":["post-55181","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers exploit VMware vulnerability that gives them hypervisor admin - UshopWell.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers exploit VMware vulnerability that gives them hypervisor admin - UshopWell.com\" \/>\n<meta property=\"og:description\" content=\"Enlarge (credit: Getty Images) Microsoft is urging users of VMware\u2019s ESXi hypervisor to take immediate action to ward off ongoing attacks by ransomware groups that give them full administrative control of the servers the product runs on. The vulnerability, tracked as CVE-2024-37085, allows attackers who have already gained limited system rights on a targeted server to gain full administrative control of the ESXi hypervisor. Attackers affiliated with multiple ransomware syndicates\u2014including...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/\" \/>\n<meta property=\"og:site_name\" content=\"UshopWell.com\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-29T21:02:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/07\/code-vulnerability-security-800x534-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"534\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"UShopWell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"UShopWell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/\"},\"author\":{\"name\":\"UShopWell\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/person\\\/6fd1f9e0ff932e534c86c70d5acff0fc\"},\"headline\":\"Hackers exploit VMware vulnerability that gives them hypervisor admin\",\"datePublished\":\"2024-07-29T21:02:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/\"},\"wordCount\":197,\"publisher\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/code-vulnerability-security-800x534-1.jpg\",\"articleSection\":[\"Technology\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/\",\"name\":\"Hackers exploit VMware vulnerability that gives them hypervisor admin - UshopWell.com\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/code-vulnerability-security-800x534-1.jpg\",\"datePublished\":\"2024-07-29T21:02:35+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/#primaryimage\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/code-vulnerability-security-800x534-1.jpg\",\"contentUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/07\\\/code-vulnerability-security-800x534-1.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hackers exploit VMware vulnerability that gives them hypervisor admin\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#website\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\",\"name\":\"UshopWell.com\",\"description\":\"The Premiere Online Marketplace\",\"publisher\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\",\"name\":\"UshopWell\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/pandaSwea.png\",\"contentUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/pandaSwea.png\",\"width\":365,\"height\":359,\"caption\":\"UshopWell\"},\"image\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/person\\\/6fd1f9e0ff932e534c86c70d5acff0fc\",\"name\":\"UShopWell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"caption\":\"UShopWell\"},\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/author\\\/kburnettu\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers exploit VMware vulnerability that gives them hypervisor admin - UshopWell.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/","og_locale":"en_US","og_type":"article","og_title":"Hackers exploit VMware vulnerability that gives them hypervisor admin - UshopWell.com","og_description":"Enlarge (credit: Getty Images) Microsoft is urging users of VMware\u2019s ESXi hypervisor to take immediate action to ward off ongoing attacks by ransomware groups that give them full administrative control of the servers the product runs on. The vulnerability, tracked as CVE-2024-37085, allows attackers who have already gained limited system rights on a targeted server to gain full administrative control of the ESXi hypervisor. Attackers affiliated with multiple ransomware syndicates\u2014including...","og_url":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/","og_site_name":"UshopWell.com","article_published_time":"2024-07-29T21:02:35+00:00","og_image":[{"width":800,"height":534,"url":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/07\/code-vulnerability-security-800x534-1.jpg","type":"image\/jpeg"}],"author":"UShopWell","twitter_card":"summary_large_image","twitter_misc":{"Written by":"UShopWell","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/#article","isPartOf":{"@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/"},"author":{"name":"UShopWell","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/person\/6fd1f9e0ff932e534c86c70d5acff0fc"},"headline":"Hackers exploit VMware vulnerability that gives them hypervisor admin","datePublished":"2024-07-29T21:02:35+00:00","mainEntityOfPage":{"@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/"},"wordCount":197,"publisher":{"@id":"https:\/\/ushopwell.com\/ublog\/#organization"},"image":{"@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/#primaryimage"},"thumbnailUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/07\/code-vulnerability-security-800x534-1.jpg","articleSection":["Technology"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/","url":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/","name":"Hackers exploit VMware vulnerability that gives them hypervisor admin - UshopWell.com","isPartOf":{"@id":"https:\/\/ushopwell.com\/ublog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/#primaryimage"},"image":{"@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/#primaryimage"},"thumbnailUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/07\/code-vulnerability-security-800x534-1.jpg","datePublished":"2024-07-29T21:02:35+00:00","breadcrumb":{"@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/#primaryimage","url":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/07\/code-vulnerability-security-800x534-1.jpg","contentUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/07\/code-vulnerability-security-800x534-1.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/ushopwell.com\/ublog\/hackers-exploit-vmware-vulnerability-that-gives-them-hypervisor-admin\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ushopwell.com\/ublog\/"},{"@type":"ListItem","position":2,"name":"Hackers exploit VMware vulnerability that gives them hypervisor admin"}]},{"@type":"WebSite","@id":"https:\/\/ushopwell.com\/ublog\/#website","url":"https:\/\/ushopwell.com\/ublog\/","name":"UshopWell.com","description":"The Premiere Online Marketplace","publisher":{"@id":"https:\/\/ushopwell.com\/ublog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ushopwell.com\/ublog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/ushopwell.com\/ublog\/#organization","name":"UshopWell","url":"https:\/\/ushopwell.com\/ublog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/logo\/image\/","url":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2018\/01\/pandaSwea.png","contentUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2018\/01\/pandaSwea.png","width":365,"height":359,"caption":"UshopWell"},"image":{"@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/person\/6fd1f9e0ff932e534c86c70d5acff0fc","name":"UShopWell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","caption":"UShopWell"},"url":"https:\/\/ushopwell.com\/ublog\/author\/kburnettu\/"}]}},"_links":{"self":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts\/55181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/comments?post=55181"}],"version-history":[{"count":0,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts\/55181\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/media\/55182"}],"wp:attachment":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/media?parent=55181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/categories?post=55181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/tags?post=55181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}