45,654 VMware ESXi servers reached End of Life on Oct. 15

October 17, 2022  By Pierluigi Paganini


Lansweeper warns that over 45,000 VMware ESXi servers exposed online have reached end-of-life (EOL), making them an easy target for attackers.

IT Asset Management software provider Lansweeper has scanned the Internet for VMware ESXi servers and found over 45,000 instances that have reached end-of-life (EOL). The company discovered 79,000 VMware ESXi instances operated by 6.000 organizations.

VMware ESXi 6.5 and VMware ESXi 6.7 have reached end-of-life and will only receive technical support. The virtualization giant was offering 2 years of extended support for ESXi 6.5 and 6.7, the support was offered until October 15, 2024.

“In order to get continuous support, you have to buy the extended support before the end of General Support. This extended support does not include updates for 3rd party Software packages. There will be no architectural, performance improvements, or feature additions. Security patches are limited to one roll-up per year.” reads the post published by Lansweeper. “If you have purchased the 2-year extended support, you can also claim 1 extra year of technical guidance from the end of extended support (i.e. until October 15, 2025).”

The servers that have reached EOL will no longer receive updates making them privileged targets for threat actors.

The total number of VMware ESXi servers reaching End of Life is 45,654 , below are the results of the scan performed by Lansweeper:

  • 28,835 version 6.7.0 (36.5%)
  • 16,830 version 6.5.0 (21.3%)
VMware ESXi EOL.png

This means that majority of the ESXi instances have reached EOL, while 15.8% of the servers run older versions (from 3.5.0 to 5.5.0).

Let’s remember that it is very important to keep VMware ESXi servers up to date, numerous cybercrime and ransomware gangs (i.e. New Luna, Black Basta, LockBit, AvosLocker, HelloKitty, BlackMatter, GwisinLocker, ALPHV/BlackCat, Hive) targeted organizations running vulnerable servers.

“Keeping an accurate inventory of your virtual machines can be challenging.” concludes the post.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, VMware)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

 Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft...