VMware has recently issued a patch for an Information Disclosure vulnerability CVE-2022-22948 discovered by the Pentera Labs team, impacting over 500,000 appliances.
In the full attack vector, threat actors can completely take over an organization’s ESXis deployed in a hybrid infrastructure and virtual machines hosted and managed by the hypervisor from just endpoint access to a host with a vCenter client.
This 20-minute overview with Pentera experts will discuss: