The version of VMware ESXi installed on the remote host is 7.0 prior to 7.0 Update 3s, 8.0 Update 2 prior to 8.0 Update 2d, or 8.0 Update 3 prior to 8.0 Update 3d. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0004 advisory: - VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. (CVE-2025-22224) - VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. (CVE-2025-22225) - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. (CVE-2025-22226) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.0 prior to 7.0 Update 3s, 8.0 Update 2 prior to 8.0 Update 2d, or 8.0 Update 3 prior to 8.0 Update 3d. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0004 advisory: - VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. (CVE-2025-22224) - VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. (CVE-2025-22225) - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. (CVE-2025-22226) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.0 prior to 7.0 Update 3s, 8.0 Update 2 prior to 8.0 Update 2d, or 8.0 Update 3 prior to 8.0 Update 3d. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0004 advisory: - VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. (CVE-2025-22224) - VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. (CVE-2025-22225) - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. (CVE-2025-22226) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.x prior to 7.0 Update 3w, 8.x prior to 8.0 Update 2e, or 8.0 Update 3 prior to 8.0 Update 3f. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0013 advisory: - VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. (CVE-2025-41236) - VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. (CVE-2025-41237) - VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. (CVE-2025-41238) - VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. (CVE-2025-41239) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.x prior to 7.0 Update 3w, 8.x prior to 8.0 Update 2e, or 8.0 Update 3 prior to 8.0 Update 3f. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0013 advisory: - VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. (CVE-2025-41236) - VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. (CVE-2025-41237) - VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. (CVE-2025-41238) - VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. (CVE-2025-41239) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.x prior to 7.0 Update 3w, 8.x prior to 8.0 Update 2e, or 8.0 Update 3 prior to 8.0 Update 3f. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0013 advisory: - VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. (CVE-2025-41236) - VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. (CVE-2025-41237) - VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. (CVE-2025-41238) - VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. (CVE-2025-41239) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.x prior to 7.0 Update 3w, 8.x prior to 8.0 Update 2e, or 8.0 Update 3 prior to 8.0 Update 3f. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0013 advisory: - VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. (CVE-2025-41236) - VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. (CVE-2025-41237) - VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. (CVE-2025-41238) - VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. (CVE-2025-41239) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3p, 8.0 prior to 8.0 Update 1d, or 8.0 prior to 8.0 Update 2b. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2024-0006 advisory: - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. (CVE-2024-22252) - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. (CVE-2024-22253) - VMware ESXi contains an out-of-bounds write vulnerability. (CVE-2024-22254) - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. (CVE-2024-22255) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3p, 8.0 prior to 8.0 Update 1d, or 8.0 prior to 8.0 Update 2b. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2024-0006 advisory: - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. (CVE-2024-22252) - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. (CVE-2024-22253) - VMware ESXi contains an out-of-bounds write vulnerability. (CVE-2024-22254) - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. (CVE-2024-22255) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3p, 8.0 prior to 8.0 Update 1d, or 8.0 prior to 8.0 Update 2b. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2024-0006 advisory: - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. (CVE-2024-22252) - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. (CVE-2024-22253) - VMware ESXi contains an out-of-bounds write vulnerability. (CVE-2024-22254) - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. (CVE-2024-22255) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3p, 8.0 prior to 8.0 Update 1d, or 8.0 prior to 8.0 Update 2b. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2024-0006 advisory: - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. (CVE-2024-22252) - VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. (CVE-2024-22253) - VMware ESXi contains an out-of-bounds write vulnerability. (CVE-2024-22254) - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. (CVE-2024-22255) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below : - First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority. - Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates. - Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize. If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.

The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below : - First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority. - Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates. - Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize. If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host.

The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host. Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3q or 8.0 prior to 8.0 Update 3. It is, therefore, affected by an out-of-bounds read vulnerability as referenced in the VMSA-2024-0013 advisory: Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.0.x prior to 7.0 Update 3v or 8.0.x prior to 8.0 Update 3e. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0010 advisory. - ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. (CVE-2025-41226) - Workstation, Fusion and ESXi contain a denial-of-service vulnerability due to certain guest options. (CVE-2025-41227) - VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. (CVE-2025-41228) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.0.x prior to 7.0 Update 3v or 8.0.x prior to 8.0 Update 3e. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0010 advisory. - ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. (CVE-2025-41226) - Workstation, Fusion and ESXi contain a denial-of-service vulnerability due to certain guest options. (CVE-2025-41227) - VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. (CVE-2025-41228) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of VMware ESXi installed on the remote host is 7.0.x prior to 7.0 Update 3v or 8.0.x prior to 8.0 Update 3e. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2025-0010 advisory. - ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. (CVE-2025-41226) - Workstation, Fusion and ESXi contain a denial-of-service vulnerability due to certain guest options. (CVE-2025-41227) - VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. (CVE-2025-41228) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.