How to Resolve VMware ESXi CVE-2024-37085, CVE-2024-37086, CVE-2024-37087 Vulnerabilities

VMware has recently patched several critical security vulnerabilities in ESXi. These vulnerabilities, identified as CVE-2024-37085, CVE-2024-37086, and CVE-2024-37087, could allow attackers with sufficient privileges to gain unauthorized access or cause a denial of service.

CVE-2024-37085: Active Directory Group Authentication Bypass

This is the most critical one. An attacker with AD administrative privileges could gain full administrative access to an ESXi host configured to use AD for user authentication.

How to Fix

The main resolution is to update your ESXi hosts to the latest patched versions (ESXi 8.0 Update 3 or ESXi 7.0 Update 3q).

If you cannot update immediately, consider disabling Active Directory integration as a temporary workaround and using local accounts with strong MFA.

Always ensure your management network is isolated and not accessible from the public internet.