CyberWatch

VMware Urges Users to Remove Deprecated Vulnerable Software

By

Access Point Consulting

Summary

VMware has released an advisory (VMSA-2024-0003) for two vulnerabilities, CVE-2024-22245 (CVSSv3 9.6) and CVE-2024-22250 (CVSSv3 7.8), in the VMware Enhanced Authentication Plug-in (EAP). CVE-2024-22245 is an arbitrary authentication relay vulnerability and CVE-2024-22250 is a session hijack vulnerability; both exist in the deprecated EAP plug-in, which VMware advises users to remove from impacted environments. VMware credits Ceri Coburn of Pen Test Partners with reporting both issues.

Impact Assessment

According to VMware, the attack vectors differ. For CVE-2024-22245, the arbitrary authentication relay vulnerability, a malicious actor must trick a target domain user who has EAP installed in their web browser into requesting and relaying Kerberos service tickets for arbitrary Active Directory Service Principal Names (SPNs). For CVE-2024-22250, the session hijack vulnerability, a malicious actor with unprivileged local access to a Windows system can hijack a privileged EAP session that a privileged domain user initiated on the same system.

What It Means for You

Check your organization’s software inventory for any instances of the VMware EAP and remove them wherever present. Because the plug-in is deprecated it will receive no further updates, so it remains vulnerable, and the vendor’s advice is to delete it rather than wait for a patch.

Remediation

VMware has published a knowledge base article with a complete guide to removing this software, which is the remediation for both vulnerabilities. Refer to VMware KB 96442 for the steps.
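To turn the inventory check above and the KB 96442 removal into something you can run across Windows endpoints, here is an added PowerShell example. It is not code from VMware, the advisory, or the KB, and it assumes that the plug-in registers Add/Remove Programs entries whose names begin with "VMware Enhanced Authentication Plug-in" and "VMware Plug-in Service", and that its helper service carries the display name "VMware Plug-in Service"; confirm those names against KB 96442 and a known-affected host before relying on them. Without -Remove the script only reports, so it is safe to push through your endpoint management tool as an audit first.

```powershell
# Added example (not from VMSA-2024-0003 or VMware KB 96442): find and, optionally,
# remove the deprecated VMware Enhanced Authentication Plug-in on a Windows host.
# ASSUMPTIONS to verify against KB 96442: the Add/Remove Programs entry names in
# $eapProducts and the helper service display name in $eapServiceName.
# Run in an elevated PowerShell session. Without -Remove the script only reports.
[CmdletBinding()]
param(
    [switch]$Remove
)

# Product names the plug-in installs (assumed); prefix match catches version suffixes.
$eapProducts = @(
    'VMware Enhanced Authentication Plug-in',
    'VMware Plug-in Service'
)
# Display name of the helper service the plug-in installs (assumed).
$eapServiceName = 'VMware Plug-in Service'

# Build one anchored regex from the product names so the filter below stays simple.
$eapPattern = '^(' + (($eapProducts | ForEach-Object { [regex]::Escape($_) }) -join '|') + ')'

# 64-bit and 32-bit machine-wide uninstall hives, plus per-user installs of the current user.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-EapInstall {
    # Every registered program whose DisplayName starts with one of the EAP product names.
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -and ($_.DisplayName -match $eapPattern) } |
        Select-Object DisplayName, DisplayVersion, UninstallString, PSPath
}

$found = @(Get-EapInstall)
$svc   = Get-Service -DisplayName $eapServiceName -ErrorAction SilentlyContinue

if (($found.Count -eq 0) -and (-not $svc)) {
    Write-Output "No VMware EAP components found on $env:COMPUTERNAME."
    return
}

foreach ($f in $found) {
    Write-Output ("FOUND: {0} {1} (uninstall: {2})" -f $f.DisplayName, $f.DisplayVersion, $f.UninstallString)
}
if ($svc) {
    Write-Output ("FOUND service: {0} [{1}] status={2}" -f $svc.DisplayName, $svc.Name, $svc.Status)
}

if (-not $Remove) {
    Write-Output "Audit only. Re-run with -Remove to uninstall the entries listed above."
    return
}

# Stop and disable the helper service first so a running process does not block the uninstaller.
if ($svc) {
    Stop-Service -Name $svc.Name -Force -ErrorAction SilentlyContinue
    Set-Service  -Name $svc.Name -StartupType Disabled
}

foreach ($f in $found) {
    $cmd = $f.UninstallString
    if (-not $cmd) { continue }
    if ($cmd -match '\{[0-9A-Fa-f-]{36}\}') {
        # MSI-registered entry ("MsiExec.exe /X{GUID}" or "/I{GUID}"): force a quiet uninstall.
        Start-Process -FilePath 'msiexec.exe' -ArgumentList "/x $($Matches[0]) /qn /norestart" -Wait
    } else {
        # Non-MSI uninstaller: run the registered command as-is (it may prompt).
        Start-Process -FilePath 'cmd.exe' -ArgumentList "/c $cmd" -Wait
    }
}

# Verify nothing is left behind; anything still registered needs manual follow-up per KB 96442.
$left = @(Get-EapInstall)
if ($left.Count -eq 0) {
    Write-Output "EAP removed from $env:COMPUTERNAME."
} else {
    Write-Warning ("EAP entries still present: " + ($left.DisplayName -join ', '))
}
```

The script checks both the 64-bit and WOW6432Node uninstall hives because the plug-in is a 32-bit browser helper on most hosts, and it checks HKCU because per-user installs do not appear under HKLM. Machine-wide entries under HKLM need an elevated session to uninstall.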

Business Implications

Deprecated or end-of-life (EoL) software is always at risk of exploitation because it will never receive security updates. If these vulnerabilities were exploited, the incident could damage your organization’s reputation, since the software was deprecated in 2021 and should have been removed long ago. Add to that the potential loss of data and the incident response costs that follow an attacker exploiting the vulnerabilities.

Access Point Technology Recommends

Follow vendor recommendations: Remove the deprecated software per vendor instructions.

Have a plan for EoL or deprecated software: Make sure your organization has a plan for removing, or mitigating the risk of, deprecated software.

Associated Bulletins

https://www.vmware.com/security/advisories/VMSA-2024-0003.html
