 |
Post AriME68wbzi94cwxJg by [email protected] |
 |
More posts by [email protected] |
|
Post #AriIbA6be9N6CqbATw by [email protected] |
|
0 likes, 1 repeats |
|
|
|
3 different VMware zero days, under active exploitation by ransomware groupsCVE… |
|
|
|
Post #AriIinAsmsqBP5ElJg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Unclear if related to this post from a few weeks ago. |
|
|
|
Post #AriIumzxGiAgKdqXZo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
You may want to escalate patching this as it allows virtual machine to hypervis… |
|
|
|
Post #AriJsqbazDQCtV5fd2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
VMware have set the Attack Vector to Local, which brings down the CVSS score - … |
|
|
|
Post #AriKL75dI6SM80cOga by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog How can you attack this via network? The advisory says that you ne… |
|
|
|
Post #AriKP8XDrPTdlgRRlA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog What exactly do you mean with "you can do it over the interne… |
|
|
|
Post #AriKdNWMwGSQIjpjWK by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@waldi @GossiTheDog how do you connect to a VM (in almost any cases)? |
|
|
|
Post #AriME68wbzi94cwxJg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog So that's why VMware workstation is now free...? |
|
|
|
Post #AriNi65zSAZ5ZFR8cq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Ok, so that sparks the question, is RPC enough (local network), is… |
|
|
|
Post #AriRliYPK2XjWsi6k4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
VMware ESXi vulns added to CISA KEV. |
|
|
|
Post #AriaV3qzmAxWFoXMvY by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog I mean this is just CVSS being wacky as normal and only looking at… |
|
|
|
Post #Ariad7z6ImX9NkAtyi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Good catch by @TomSellers - although VMware doesn't list ESXi 6.7 as vulner… |
|
|
|
Post #AribXUlolvZoGdq90C by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Another good catch by @TomSellers - VMware's website advisory has less deta… |
|
|
|
Post #AricHKwNeOgz6Odi2C by [email protected] |
|
0 likes, 1 repeats |
|
|
|
Quick mspaint.exe diagram on this, calling it ESXicape- Have access to somethin… |
|
|
|
Post #Arik1NrVouS5AAGa5Q by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog I just came here to ask you why these vulnerabilities are rated so… |
|
|
|
Post #Arikf6ZxUusl8xzqAy by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog OK, thanks, Kevin. Is it fair to compare accessing the hypervisor … |
|
|
|
Post #Ariky5YDXnqHSPEZN2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog So, an attacker who gets access to a hypervisor in, say, GM's … |
|
|
|
Post #Arim8skJao44sobSHw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog @dangoodin Compromise of the VMware ESXi host can result in compro… |
|
|
|
Post #ArimpgieBTgu2CEb9k by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog @dangoodin If you perhaps remember the attack against TietoEvry in… |
|
|
|
Post #ArinAqNPTOGq4GOACm by [email protected] |
|
0 likes, 2 repeats |
|
|
|
@GossiTheDog Wonderful news to read during evening.... *le sigh* time to plan p… |
|
|
|
Post #Ark3ESQiF0w9NhdeZE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
I wrote up everything I know about #ESXicape https://doublepulsar.com/use-one-v… |
|
|
|
Post #Ark6RSC6jCHIHHhCkK by [email protected] |
|
0 likes, 2 repeats |
|
|
|
@GossiTheDog Thanks Kevin. Gonna forward this to some people that I know use VM… |
|
|
|
Post #ArkZ3gJJURIzmN5D5E by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Does anybody know anybody at VMware Security who could have a look at the #ESXi… |
|
|
|
Post #ArkaJH5r789W9omtXc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog This might be because 6.5 and 6.7 are not longer general supported. |
|
|
|
Post #Arkd1sxpsBJyGFR6Q4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Broadcom's press team don't even reply to requests for int… |
|
|
|
Post #ArkfOA4T9MGhb3HxLs by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog they kept it off on purpose. The GitHub page even says so. It'… |
|
|
|
Post #ArmtBAqoj7D7vPWYme by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog @waldi they are not *generally* supported, it's only _tiny_ su… |
|
|
|
Post #ArmucLaL1cGQzPKyDQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog @vmstan The Brodcom site does not list vulnerable version, but onl… |
|
|
|
Post #Art90tarp5nyZcC6z2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Both VMware and Microsoft have declined to comment about #ESXicape, when asked … |
|
|
|
Post #Art9eYB0s1DdjW0ga0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDogThe answer is “yes”. |
|
|
|
Post #ArtBsY1cQjWvE3Pzo8 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog thereby confirming it’s not going to be a good time for many |
|
|
|
Post #ArtFkWyupHD1UNaQoi by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog KVM-QEMU. Have been using it for years. It works. Enough of VMware… |
|
|
|
Post #AsPynj5WA1ltKaQEN6 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
A new twist on #ESXicape - you need local admin rights to escape the VM to the … |
|
|
|
Post #AsPz7yVoWXVMxZNS64 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Some background on Positive Technologies https://www.technologyreview.com/2021/… |
|
|
|
Post #Au5r53mVsq1pEw7TuK by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Reupping this thread - remember to patch both #ESXicape and CVE-2025-22230 in V… |
|
|
|
Post #AuLuAus7KYXpjiaG6C by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Still no news or context ? |
