CVE-2024-37085

MEDIUM CISA KEV
Published: Jun 25, 2024 | Modified: Oct 30, 2025 | CWE-287, CWE-305

Description

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management (see https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html) by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.

CVSS v3.1 Score

6.8
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild.

Added: Jul 30, 2024 | Remediation due: Aug 20, 2024 | Known ransomware use: yes

Weakness Type (CWE)

CWE-287 Improper Authentication
CWE-305 Authentication Bypass by Primary Weakness

Affected Products

Vendor | Product
vmware | cloud_foundation
vmware | esxi

References

Frequently Asked Questions

What is CVE-2024-37085?
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management (see https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html) by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. It has a CVSS v3.1 base score of 6.8 (MEDIUM). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.
How severe is CVE-2024-37085?
CVE-2024-37085 has a CVSS v3.1 score of 6.8 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance.
What products are affected by CVE-2024-37085?
CVE-2024-37085 affects products from vmware, specifically: cloud_foundation, esxi. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-37085?
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities
