Admins Urged to Uninstall VMware EAP Amid Critical Flaws

Threat Level – Red | Vulnerability Report
Download PDF

VMware has issued a warning to administrators regarding two unaddressed security vulnerabilities necessitating the removal of an outdated authentication plugin. Identified as CVE-2024-22245 and CVE-2024-22250, these vulnerabilities enable session hijacking and authentication relay attacks targeting the VMware Enhanced Authentication Plug-in (EAP) within Windows domain environments.

Threat Level – Red | Vulnerability Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox