VMware ESXi Vulnerability Audit - VMSA-2024-0006

Reports

VMware ESXi Vulnerability Audit – VMSA-2024-0006

Discover VMware ESXi Installations Vulnerable to CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 in Your IT Estate

VMware has released security updates for ESXi, Workstation, and Fusion in response to 4 new vulnerabilities. Together, all 4 of these issues are considered critical with CVSS scores ranging from 7.1 to 9.3. It concerns 2 use-after-free vulnerabilities in the UHCI USB controller (CVE-2024-22252 and CVE-2024-22253), 1 ESXi out-of-bounds write vulnerability (CVE-2024-22254), and an information disclosure vulnerability in UHCI USB controller (CVE-2024-22255). If successfully exploited these issues can lead to remote code execution.

All users are advised to update their installations of VMware ESXi, Workstation, and Fusion to a fixed version as soon as possible. The report below will give you an overview of all vulnerable ESXi installations in your network.You can find a similar report for Workstation and Fusion here. You can read more about these vulnerabilities in the VMWare ESXI, Workstation, and Fusion vulnerability blog post.

Run the VMware ESXi Vulnerability Audit Report

VMware VMSA-2024-0006 ESXi Vulnerability Audit Lansweeper On-Prem Query

Select Distinct Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
Coalesce(tblAssets.Version, tblVmwareProductInfo.Version) As Version,
Coalesce(tblAssets.BuildNumber, tblVmwareProductInfo.Build) As BuildNumber,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Left Join tblVmwareVcenters On tblAssets.AssetID = tblVmwareVcenters.AssetID
Left Join tblVmwareProductInfo On tblVmwareVcenters.VcenterID =
tblVmwareProductInfo.VCenterID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where (tsysAssetTypes.Assettypename = 'ESXi server' And
(tblAssets.Version Like '8.0%' And
Cast(tblAssets.BuildNumber As bigint) < 23299997) Or
(tblAssets.Version Like '7.0%' And 
Cast(tblAssets.BuildNumber As bigint) < 23307199))

Show

Hide

NO CREDIT CARD REQUIRED

Ready to get started?

Explore all our features, free for 14 days.

Start for free Talk to sales

Audit and Take Action in 3 Easy Steps

1. Start Your Free Trial

Experience all Lansweeper features: start your free 14-day trial.
2. Discover All Assets

Discover all IT, OT, and IoT devices from all environments and get a complete asset inventory.
3. Run the Audit & Take Action

Run the audit report and see which devices require your attention.

Ready to get started?

Explore the full platform, free for 14 days.
No credit card required.

Start free Book a demo

Need help evaluating?

Get guidance on pricing at scale and enterprise requirements.

Talk to sales

Clear pricing as you grow

Transparent plans that scale with your environment.

View plans & pricing