Threat Alert: Ransomware Targeting VMware ESXi Servers

Advanced Computer Technologies' Threat Alert: Ransomware Targeting VMware ESXi Servers

 

Alert

VMware ESXi Servers are the target of a recent ransomware campaign. This global threat, dubbed “ESXiArgs,” appear to be targeting unpatched and unprotected instances of VMware ESXi.

Who is Affected / Which CVEs are Involved?

The primary impact is to organizations that are running unpatched versions of ESXi, where attackers also have direct access to ESXi management interfaces.

It is very likely that attackers are using any vulnerability accessible to them, but the media has speculated about the involvement of these specific CVEs:

  • CVE-2022-31699
  • CVE-2021-21995
  • CVE-2021-21974
  • CVE-2020-3992
  • CVE-2019-5544
What do I Need to Do

Organizations that are running versions of software older than current releases are at risk and should be updated to the latest versions immediately. Customer security personnel should make assessments of more nuanced situations; for assistance with security assessments please engage VMware Professional Services.

Additional Questions

For more information on this threat or to learn about how the Advanced Security Team works with clients to mitigate threats like this, don’t hesitate to reach out or schedule a call.

 

Contact Advanced Computer Technologies

Recent Posts

Security Digest (June 2024)

July 2024 Patch Tuesday – 6/11 Deep Dive: CVSS Breakdown On Critical Vulnerability Vendor Patch Advisories Apple Updates TeamViewer Compromise Snowflake Breach Snowballs As always, Advanced

Read More »

Security Digest (May 2024)

May 2024 Patch Tuesday – 5/14 Threat Grading Overview Vendor Patch Advisories Threat Breakdown: The Return of Revenge Remote Access Trojan Looking Back: WannaCry –

Read More »

Cybersecurity Triad

New cyber threats are emerging every day, keeping us on our toes. Let’s talk about some of these threats, including credential stuffing, password spraying, and

Read More »

Security Digest (April 2024)

April 2024 Patch Tuesday – 4/9 Threat Grading Overview Deep Dive: CVE-2024-26234 and Digital Signatures – Who Can We Trust? Vendor Patch Advisories Emerging Threat:

Read More »

Categories