The exploitation involves creating or modifying an Active Directory group named “ESX Admins,” which grants administrative access on ESXi hosts. The vulnerability poses significant risk because it allows unauthorized access to critical systems, which can lead to data breaches and operational disruptions.
Microsoft has reported incidents in which ransomware gangs exploited this vulnerability to infiltrate systems and encrypt data, then demanded a ransom for decryption. Microsoft and VMware have both advised organizations to apply the latest security patches and to employ robust security measures, including restricting network access and conducting regular security assessments.
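The following is an added detection example, not taken from the article or from Microsoft or VMware: it reviews exported Windows Security events for creation of, changes to, or membership additions in a group named "ESX Admins". The dictionary layout of the records, the allowlisted account `svc-vmware-admin`, and the sample events are assumptions constructed for illustration.

```python
# Windows Security event IDs for security-enabled global/local/universal groups.
GROUP_CREATED = {4727, 4731, 4754}
MEMBER_ADDED = {4728, 4732, 4756}
GROUP_CHANGED = {4737, 4735, 4755}
WATCHED_GROUP = "esx admins"  # name from the article; compared case-insensitively
# Hypothetical allowlist of accounts expected to manage the group.
APPROVED_ACTORS = {"svc-vmware-admin"}


def norm(value):
    return (value or "").strip().lower()


def review_events(events, approved=APPROVED_ACTORS):
    """Return one finding per event that creates, changes or populates the group."""
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        # A "group changed" event carries a renamed group's new name in SamAccountName.
        names = {norm(ev.get("TargetUserName")), norm(ev.get("SamAccountName"))}
        if WATCHED_GROUP not in names:
            continue
        if eid in GROUP_CREATED:
            action = "group created"
        elif eid in MEMBER_ADDED:
            action = "member added: " + ev.get("MemberName", "?")
        elif eid in GROUP_CHANGED:
            action = "group changed or renamed"
        else:
            continue
        actor = ev.get("SubjectUserName", "")
        findings.append({"time": ev.get("TimeCreated"), "actor": actor,
                         "action": action, "approved": norm(actor) in approved})
    return findings


# Constructed sample records (not real log data).
DN = "CN=jdoe,CN=Users,DC=example,DC=test"
SAMPLE_EVENTS = [
    {"EventID": 4727, "TimeCreated": "T1", "SubjectUserName": "jdoe", "TargetUserName": "ESX Admins"},
    {"EventID": 4728, "TimeCreated": "T2", "SubjectUserName": "jdoe", "TargetUserName": "ESX Admins", "MemberName": DN},
    {"EventID": 4737, "TimeCreated": "T3", "SubjectUserName": "jdoe", "TargetUserName": "Temp Group", "SamAccountName": "esx admins"},
    {"EventID": 4728, "TimeCreated": "T4", "SubjectUserName": "jdoe", "TargetUserName": "Helpdesk", "MemberName": DN},
    {"EventID": 4756, "TimeCreated": "T5", "SubjectUserName": "svc-vmware-admin", "TargetUserName": "ESX Admins", "MemberName": DN},
]

if __name__ == "__main__":
    for finding in review_events(SAMPLE_EVENTS):
        print(finding)
```

Findings with `approved` set to `False` are the ones to triage first; the allowlist only lowers priority and does not suppress the record.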
Source: SecurityWeek
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net), or you can run a check yourself using check.website.