CVE-2024-37085

Vulnerability updated a year ago (2024-08-01T13:33:12.023Z)

Download STIX

Preview STIX

Not enough context has been learned about CVE-2024-37085 for a description yet. However we're tracking it as a Vulnerability profile. Vulnerability: A flaw in software design or implementation

Description last updated:

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Esxi

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Black Basta Malware is associated with CVE-2024-37085. Black Basta is a notorious malware group known for its sophisticated ransomware attacks, which have targeted numerous high-profile entities. The group has demonstrated a remarkable ability to adapt their tactics, techniques, and procedures (TTPs), allowing them to effectively evade security defenses	Unspecified	3
The Akira Malware is associated with CVE-2024-37085. Akira is a potent ransomware that has been active since 2023, known for its aggressive encryption tactics and swift deployment. This malware, which brings a unique '80s aesthetic to the dark web, has quickly risen in prominence within the cybercrime landscape. It has targeted hundreds of victims glo	Unspecified	2

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Blackbyte Threat Actor is associated with CVE-2024-37085. BlackByte, a threat actor believed to be an offshoot of the notorious Conti group, has been observed by cybersecurity experts exploiting a recently disclosed VMware ESXi vulnerability (CVE-2024-37085) to gain control over virtual machines and escalate privileges within compromised environments. This	Unspecified	3

Source Document References

Information about the CVE-2024-37085 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	21 days ago	GoAnywhere MFT zero-day used by Storm-1175 in Medusa ransomware campaigns
Securelist	a year ago	Non-mobile threat statistics for Q3 2024
Securityaffairs	a year ago	Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION
InfoSecurity-magazine	a year ago	BlackByte Adopts New Tactics, Targets ESXi Hypervisors
DARKReading	a year ago	BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets
Securityaffairs	a year ago	BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085
Securityaffairs	a year ago	SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
Checkpoint	a year ago	5th August – Threat Intelligence Report - Check Point Research
Securityaffairs	a year ago	security-affairs-malware-newsletter-round-5
Securityaffairs	a year ago	Security Affairs newsletter Round 483 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	a year ago	+20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085
DARKReading	a year ago	Ransomware Gangs Exploit ESXi Bug for Instant, Mass Encryption of VMs
Securityaffairs	a year ago	Ransomware gangs exploit VMware ESXi bug CVE-2024-37085
Securityaffairs	a year ago	CISA adds VMware ESXi bug to its Known Exploited Vulnerabilities catalog
CISA	a year ago	CISA Adds One Known Exploited Vulnerability to Catalog \| CISA