
VMware Alert: Uninstall EAP Now

VMware has recently uncovered a critical security flaw in the Enhanced Authentication Plugin (EAP) and is urging users to uninstall the deprecated software immediately. Tracked as CVE-2024-22245, the vulnerability is an arbitrary authentication relay bug: a malicious actor can trick a target domain user who has EAP installed in their browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal Names (SPNs).

The EAP software package was designed to allow direct login to vSphere's management interfaces and tools through a browser. It is not installed by default and is not part of vCenter Server, ESXi, or Cloud Foundation. The vulnerabilities therefore only affect users who have added EAP to client systems in order to connect to VMware vSphere via the vSphere Client.

Ceri Coburn of Pen Test Partners discovered and reported the twin vulnerabilities on October 17, 2023. The second flaw is a session hijack vulnerability (CVE-2024-22250, CVSS score: 7.8) that could allow a malicious actor with unprivileged local access to an operating system to seize a privileged EAP session.

Because the plugin is deprecated, the vulnerabilities will not be patched; VMware instead recommends removing the plugin to mitigate the risk. Users can remove the Enhanced Authentication Plugin from client systems using the client operating system's standard method of uninstalling software.
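Since the only mitigation is removal, administrators need a way to confirm which Windows clients still have the plugin registered. The following PowerShell inventory script is an added example, not code from the article or from VMware; it assumes the plugin registers an entry under the standard Windows Uninstall registry keys whose DisplayName contains "Enhanced Authentication Plugin" (adjust `$NamePattern` if your build names it differently).

```powershell
# Added example (not from the original article): inventory a Windows client for the
# VMware Enhanced Authentication Plugin by scanning the standard Uninstall registry
# keys, so an administrator can confirm the deprecated plugin has been removed.
# Assumption: the plugin's DisplayName contains "Enhanced Authentication Plugin".

function Get-VMwareEapInstall {
    [CmdletBinding()]
    param(
        [string]$NamePattern = 'Enhanced Authentication Plugin'
    )

    # Per-machine registrations (64-bit and 32-bit views) plus per-user registrations.
    $uninstallRoots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
    )

    foreach ($root in $uninstallRoots) {
        if (-not (Test-Path $root)) { continue }
        Get-ChildItem -Path $root -ErrorAction SilentlyContinue | ForEach-Object {
            $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
            if ($props.DisplayName -and $props.DisplayName -like "*$NamePattern*") {
                [pscustomobject]@{
                    ComputerName    = $env:COMPUTERNAME
                    DisplayName     = $props.DisplayName
                    DisplayVersion  = $props.DisplayVersion
                    Publisher       = $props.Publisher
                    UninstallString = $props.UninstallString
                    RegistryKey     = $_.PSPath
                }
            }
        }
    }
}

# Report what was found; an empty result means no EAP registration exists on this host.
$found = @(Get-VMwareEapInstall)
if ($found.Count -eq 0) {
    Write-Output "No Enhanced Authentication Plugin registration found on $env:COMPUTERNAME."
} else {
    $found | Format-Table DisplayName, DisplayVersion, UninstallString -AutoSize
    # MSI-registered entries carry a product code GUID; show the silent uninstall command
    # rather than running it, so the operator decides when to remove the plugin.
    foreach ($entry in $found) {
        if ($entry.UninstallString -match '\{[0-9A-Fa-f-]{36}\}') {
            Write-Output "To uninstall: msiexec.exe /x $($Matches[0]) /qn /norestart"
        }
    }
}
```

Run it under an account that can read HKLM, or push it through your endpoint management tooling to collect the `ComputerName` and `DisplayVersion` fields fleet-wide.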

Want to read more? Check out the original article available at The Hacker News!


Deitasoft © 2024. All Rights Reserved.