Multiple Vulnerabilities in VMware Enhanced Authentication Plug-in

Published on 22 Feb 2024

VMware has released mitigating measures addressing multiple vulnerabilities (CVE-2024-22245 and CVE-2024-22250) impacting their Enhanced Authentication Plug-in (EAP).

The vulnerabilities are:

• CVE-2024-22245: An arbitrary authentication relay vulnerability may allow an attacker to trick a domain user with EAP enabled in their web browser to request and relay service tickets for arbitrary Active Directory Service Principal Names. The vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 9.6 out of 10.

• CVE-2024-22250: A session hijack vulnerability may allow an attacker with limited local access to the Windows operating system to compromise a privileged EAP session.

The vulnerabilities affect all VMware EAP versions.

Users and administrators of the affected product are advised to remove the EAP plugin and consider using other authentication methods such as Active Directory over LDAPS, Microsoft Active Directory Federation Services, Okta, and Microsoft Entra ID.

More information is available here:

https://www.vmware.com/security/advisories/VMSA-2024-0003.html

https://nvd.nist.gov/vuln/detail/CVE-2024-22245

https://nvd.nist.gov/vuln/detail/CVE-2024-22250