VMware ESXi Vulnerability Audit – VMSA-2024-0006
Software VulnerabilityDiscover VMware ESXi Installations Vulnerable to CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 in Your IT Estate
VMware has released security updates for ESXi, Workstation, and Fusion in response to 4 new vulnerabilities. Together, all 4 of these issues are considered critical with CVSS scores ranging from 7.1 to 9.3. It concerns 2 use-after-free vulnerabilities in the UHCI USB controller (CVE-2024-22252 and CVE-2024-22253), 1 ESXi out-of-bounds write vulnerability (CVE-2024-22254), and an information disclosure vulnerability in UHCI USB controller (CVE-2024-22255). If successfully exploited these issues can lead to remote code execution.
All users are advised to update their installations of VMware ESXi, Workstation, and Fusion to a fixed version as soon as possible. The report below will give you an overview of all vulnerable ESXi installations in your network.You can find a similar report for Workstation and Fusion here. You can read more about these vulnerabilities in the VMWare ESXI, Workstation, and Fusion vulnerability blog post.
VMware VMSA-2024-0006 ESXi Vulnerability Audit Lansweeper On-Prem Query
Select Distinct Top 1000000 tblAssets.AssetID, tblAssets.AssetName, tblAssets.Domain, tsysAssetTypes.AssetTypename As AssetType, tsysAssetTypes.AssetTypeIcon10 As icon, tblAssets.IPAddress, tsysIPLocations.IPLocation, tblAssetCustom.Manufacturer, tblAssetCustom.Model, Coalesce(tblAssets.Version, tblVmwareProductInfo.Version) As Version, Coalesce(tblAssets.BuildNumber, tblVmwareProductInfo.Build) As BuildNumber, tblAssets.Lastseen, tblAssets.Lasttried From tblAssets Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype Inner Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID Left Join tblVmwareVcenters On tblAssets.AssetID = tblVmwareVcenters.AssetID Left Join tblVmwareProductInfo On tblVmwareVcenters.VcenterID = tblVmwareProductInfo.VCenterID Inner Join tblState On tblState.State = tblAssetCustom.State Left Join tsysOS On tsysOS.OScode = tblAssets.OScode Where (tsysAssetTypes.Assettypename = 'ESXi server' And (tblAssets.Version Like '8.0%' And Cast(tblAssets.BuildNumber As bigint) < 23299997) Or (tblAssets.Version Like '7.0%' And Cast(tblAssets.BuildNumber As bigint) < 23307199))