SpotlightCyber Zone

VMware Users Alert: Critical Vulnerabilities in Deprecated EAP Plugin ( CVE-2024-22245 & CVE-2024-22250 )

Guardian By Guardian 3 Min Read

Attention VMware users! A critical security flaw discovered in the Enhanced Authentication Plugin (EAP) poses a significant threat to your data and system. This obsolete plugin, no longer supported by VMware, retains vulnerabilities that could allow attackers to gain unauthorized access and hijack privileged sessions. Immediate action is important to reduce these risks.

Contents
What is the EAP plugin?What are the vulnerabilities?Why is this important?What should you do?Stay informed

What is the EAP plugin?

The EAP plugin, once used to simplify login to the vSphere management interface, has been discontinued as of March 2021 due to security concerns and incompatibility with modern authentication standards. However, some organizations may still have it installed on their systems.

What are the vulnerabilities?

Two critical vulnerabilities have been identified in the EAP plugin:

Critical vulnerabilities (CVE-2024-22245 & CVE-2024-22250) expose systems to data breaches and hijacking. Uninstall the VMware EAP Plugin plugin now!
  • CVE-2024-22245 (Arbitrary Authentication Relay): This vulnerability allows attackers to trick users into requesting and relaying service tickets for unauthorized purposes. This could grant them access to sensitive resources and systems.
  • CVE-2024-22250 (Session Hijack): This vulnerability allows attackers with local access to a system to hijack a privileged EAP session initiated by another user. This could grant them elevated privileges and complete control over the system.

Why is this important?

These vulnerabilities carry a high severity rating, indicating a significant risk to system security. By exploiting these vulnerabilities, attackers could gain access to confidential data, disrupt operations, and compromise sensitive systems.

What should you do?

VMware strongly recommends uninstalling the EAP plugin immediately. There is no patch available due to the plugin’s obsolete status and security risks. Follow these steps to uninstall the EAP plugin:

  1. Windows:
    • Go to “Control Panel” > “Programs and Features”.
    • Select “VMware Enhanced Authentication Plugin” and click “Uninstall”.
  2. macOS:
    • Open “Finder” and go to “Applications”.
    • Drag the “VMware Enhanced Authentication Plugin” icon to the Trash.

Additional resources:

More Read

Court Orders NSO Group to Hand Over Pegasus Spyware Code
U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code in Landmark Decision
Google Pauses Gemini AI’s People Image Generation to Improve Accuracy
Microsoft’s PyRIT: A Game Changer in Generative AI Security (2024)
Robert Half Data Breach EXPOSES Job Seekers Data: What You Need to Know NOW!

Stay informed

  • Regularly check for security updates from VMware.
  • Follow VMware’s social media channels and blog for security announcements.
  • Subscribe to email alerts from VMware for critical security updates.

By taking immediate action to uninstall the EAP plugin, you can significantly reduce the risk of attacks and protect your valuable data and systems.

TAGGED:
Share This Article
Previous Article Robert Half Data Breach EXPOSES Job Seekers Data: What You Need to Know NOW!
Next Article Microsoft's PyRIT: A Game Changer for Red Teaming Generative AI Systems Microsoft’s PyRIT: A Game Changer in Generative AI Security (2024)