CVE-2024-37086

Summary

VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the host.

Affected Software

VendorProductVersion RangeStatus
n/aESXi8.0 < ESXi80U3-24022510affected
n/aESXi7.0 < ESXi70U3sq-23794019affected
n/aVMware Cloud Foundation5.xaffected
n/aVMware Cloud Foundation4.xaffected

Weaknesses

  • Out-of-bounds read vulnerability

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References