CVE-2024-37085

Vulnerability updated 5 months ago (2024-08-01T13:33:12.023Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2024-37085 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Esxi

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Black Basta Malware is associated with CVE-2024-37085. Black Basta is a notorious malware group known for its sophisticated ransomware attacks, which have targeted numerous high-profile entities. The group has demonstrated a remarkable ability to adapt their tactics, techniques, and procedures (TTPs), allowing them to effectively evade security defenses	Unspecified	3
The Akira Malware is associated with CVE-2024-37085. Akira is a potent ransomware that has been active since 2023, known for its aggressive encryption tactics and swift deployment. This malware, which brings a unique '80s aesthetic to the dark web, has quickly risen in prominence within the cybercrime landscape. It has targeted hundreds of victims glo	Unspecified	2

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Blackbyte Threat Actor is associated with CVE-2024-37085. BlackByte, a threat actor believed to be an offshoot of the notorious Conti group, has been observed by cybersecurity experts exploiting a recently disclosed VMware ESXi vulnerability (CVE-2024-37085) to gain control over virtual machines and escalate privileges within compromised environments. This	Unspecified	3

Source Document References

Information about the CVE-2024-37085 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securelist	21 days ago	Non-mobile threat statistics for Q3 2024
Securityaffairs	4 months ago	Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION
InfoSecurity-magazine	4 months ago	BlackByte Adopts New Tactics, Targets ESXi Hypervisors
DARKReading	4 months ago	BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets
Securityaffairs	4 months ago	BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085
Securityaffairs	4 months ago	SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
Checkpoint	5 months ago	5th August – Threat Intelligence Report - Check Point Research
Securityaffairs	5 months ago	security-affairs-malware-newsletter-round-5
Securityaffairs	5 months ago	Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	5 months ago	+20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085
DARKReading	5 months ago	Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs
Securityaffairs	5 months ago	Ransomware gangs exploit VMware ESXi bug CVE-2024-37085
Securityaffairs	5 months ago	CISA adds VMware ESXi bug to its Known Exploited Vulnerabilities catalog
CISA	5 months ago	CISA Adds One Known Exploited Vulnerability to Catalog \| CISA