VMware experienced critical flaws in its ESXi and vCenter products, which were heavily exploited by ransomware gangs and state actors, causing considerable disruptions. The vulnerabilities, such as CVE-2024-38812, CVE-2024-37085, and CVE-2024-38813, highlighted shortcomings in Broadcom's security responses, with incomplete patching and delays in acknowledgment. This allowed attackers to capitalize on these exploits, leading to ransomware infections and data breaches that potentially compromised personal and financial information, causing significant operational and security challenges for the company and its clients.
Source: https://www.theregister.com/2025/02/28/cisa_kev_list_ransomware/
TPRM report: https://scoringcyber.rankiteo.com/company/vmware
"id": "vmw403030325",
"linkid": "vmware",
"type": "Ransomware",
"date": "2/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Technology',
                        'name': 'VMware',
                        'type': 'Corporation'}],
 'attack_vector': ['Vulnerability Exploitation',
                   'Ransomware Infection',
                   'Data Breach'],
 'data_breach': {'type_of_data_compromised': ['Personal Information',
                                              'Financial Information']},
 'description': 'VMware experienced critical flaws in their ESXi and vCenter '
                'products, which were heavily exploited by ransomware gangs '
                'and state actors, causing considerable disruptions. The '
                'vulnerabilities, such as CVE-2024-38812, CVE-2024-37085, and '
                "CVE-2024-38813, highlighted shortcomings in Broadcom's "
                'security responses, with incomplete patching and delays in '
                'acknowledgment. This allowed attackers to capitalize on these '
                'exploits, leading to ransomware infections and data breaches '
                'that potentially compromised personal and financial '
                'information, causing significant operational and security '
                'challenges for the company and its clients.',
 'impact': {'data_compromised': ['Personal Information',
                                 'Financial Information'],
            'operational_impact': 'Significant',
            'systems_affected': ['ESXi', 'vCenter']},
 'motivation': 'Financial Gain, Data Theft',
 'threat_actor': ['Ransomware Gangs', 'State Actors'],
 'title': 'VMware Critical Flaws Exploitation',
 'type': 'Cyber Exploitation',
 'vulnerability_exploited': ['CVE-2024-38812',
                             'CVE-2024-37085',
                             'CVE-2024-38813']}