Threat Alert: Ransomware Targeting VMware ESXi Servers

Advanced Computer Technologies' Threat Alert: Ransomware Targeting VMware ESXi Servers

 

Alert

VMware ESXi Servers are the target of a recent ransomware campaign. This global threat, dubbed “ESXiArgs,” appear to be targeting unpatched and unprotected instances of VMware ESXi.

Who is Affected / Which CVEs are Involved?

The primary impact is to organizations that are running unpatched versions of ESXi, where attackers also have direct access to ESXi management interfaces.

It is very likely that attackers are using any vulnerability accessible to them, but the media has speculated about the involvement of these specific CVEs:

  • CVE-2022-31699
  • CVE-2021-21995
  • CVE-2021-21974
  • CVE-2020-3992
  • CVE-2019-5544
What do I Need to Do

Organizations that are running versions of software older than current releases are at risk and should be updated to the latest versions immediately. Customer security personnel should make assessments of more nuanced situations; for assistance with security assessments please engage VMware Professional Services.

Additional Questions

For more information on this threat or to learn about how the Advanced Security Team works with clients to mitigate threats like this, don’t hesitate to reach out or schedule a call.

 

Contact Advanced Computer Technologies

Recent Posts

March 2025 Security Digest

Security Digest (February 2025)

February 2025 February Patch Tuesday Review Vendor Patch Review Apple Updates Case Study: Transaction Callback Scams Current Events: Microsoft 365 Botnet Attacks Patch Tuesday –

Read More »
March 2025 Security Digest

Security Digest (January 2025)

January 2025 January Patch Tuesday Review Vendor Patch Review Apple Updates Case Study: NTLM, Kerberos And The Future Of Localized Authentication 2024 Review: Healthcare’s Busiest

Read More »

Security Digest (June 2024)

July 2024 Patch Tuesday – 6/11 Deep Dive: CVSS Breakdown On Critical Vulnerability Vendor Patch Advisories Apple Updates TeamViewer Compromise Snowflake Breach Snowballs As always, Advanced

Read More »

Categories