Tag

#esxi

3 posts tagged #esxi.

Analysis · May 20, 2026 · Colten Anderson

ESXi handed out admin to a group named 'ESX Admins' and never checked who made it

CVE-2024-37085 is an auth bypass where domain-joined ESXi grants full control to any member of a group called 'ESX Admins,' without verifying the group is legitimate. At least four ransomware crews used it to encrypt hypervisors. ESXi 7.0 isn't getting a patch.
Analysis · May 20, 2026 · Colten Anderson

The virtualization control plane keeps getting RCE'd, and ESXiArgs showed why that matters

vCenter and ESXi run your entire virtual estate. A run of pre-auth RCEs in vCenter (CVE-2021-21972, 21975, 21985, 22005) and the ESXi OpenSLP bugs (CVE-2019-5544, CVE-2020-3992) that fed the ESXiArgs ransomware wave show why the management layer is a crown-jewel target.
Analysis · May 8, 2026 · Colten Anderson

Broadcom turned an ESXi zero-day into a patch-access crisis

CVE-2025-22225 was exploited for over a year before Broadcom patched it. Then perpetual license holders couldn't download the fix.