Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/114105430812688339">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 05-Mar-2025 02:52:00 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/114105391539321021" rel="in-reply-to">in reply to</a></div></section><article><p>Another good catch by @TomSellers - VMware's website advisory has less detail than their github for some reason.</p><p>Their github: <a href="https://github.com/vmware/vcf-security-and-compliance-guidelines/tree/main/security-advisories/vmsa-2025-0004" rel="nofollow noreferrer">https://github.com/vmware/vcf-security-and-compliance-guidelines/tree/main/security-advisories/vmsa-2025-0004</a></p><p>According to their Github, additional VMware ESXi versions are impacted (e.g. 6.5, 6.7) and older versions are likely impacted but no patches available.</p><p>An in the wild exploit for RCE hypervisor escape across every supported (and unsupported) product like this is unprecedent.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4672334#notice-9149868">In conversation</a><time datetime="2025-03-05T02:52:00+09:00" title="Wednesday, 05-Mar-2025 02:52:00 JST">about a month ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/114105430812688339" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/114105430812688339">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/4241394">Untitled attachment</a></label><br></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4241395">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 05-Mar-2025 02:52:00 JST Kevin Beaumont
in reply to
Another good catch by @TomSellers - VMware's website advisory has less detail than their github for some reason.
Their github: https://github.com/vmware/vcf-security-and-compliance-guidelines/tree/main/security-advisories/vmsa-2025-0004
According to their Github, additional VMware ESXi versions are impacted (e.g. 6.5, 6.7) and older versions are likely impacted but no patches available.
An in the wild exploit for RCE hypervisor escape across every supported (and unsupported) product like this is unprecedent.
In conversationabout a month ago from cyberplace.socialpermalink
Attachments
1. Untitled attachment
2. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice