{"id":166432,"date":"2024-08-01T19:58:41","date_gmt":"2024-08-01T19:58:41","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=166432"},"modified":"2024-08-01T20:28:30","modified_gmt":"2024-08-01T20:28:30","slug":"vmware-esxi-cve-2024-37085-vulnerable-instances","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/166432\/hacking\/vmware-esxi-cve-2024-37085-vulnerable-instances.html","title":{"rendered":"Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085"},"content":{"rendered":"
<\/div>\n

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085.<\/h2>\n\n\n\n

Researchers at the Shadowserver Foundation reported that approximately 20,000 VMware ESXi servers exposed online appear impacted by the exploited vulnerability CVE-2024-37085<\/a>. <\/p>\n\n\n\n

\n

We have started sharing exposed VMware ESXi vulnerable to CVE-2024-37085 (authentication bypass). While rated only CVSS 6.8 by Broadcom, this vuln has been reported by Microsoft as exploited in the wild by ransomware operators.

We see 20 275 instances vulnerable on 2024-07-30.
pic.twitter.com\/wTkqDSLQ38<\/a><\/p>— The Shadowserver Foundation (@Shadowserver) July 31, 2024<\/a><\/blockquote>