45,654 VMware ESXi servers reached End of Life on Oct. 15

Lansweeper warns that over 45,000 VMware ESXi servers exposed online have reached end-of-life (EOL), making them an easy target for attackers.

IT Asset Management software provider Lansweeper has scanned the Internet for VMware ESXi servers and found over 45,000 instances that have reached end-of-life (EOL). The company discovered 79,000 VMware ESXi instances operated by 6.000 organizations.

VMware ESXi 6.5 and VMware ESXi 6.7 have reached end-of-life and will only receive technical support. The virtualization giant was offering 2 years of extended support for ESXi 6.5 and 6.7, the support was offered until October 15, 2024.

“In order to get continuous support, you have to buy the extended support before the end of General Support. This extended support does not include updates for 3rd party Software packages. There will be no architectural, performance improvements, or feature additions. Security patches are limited to one roll-up per year.” reads the post published by Lansweeper. “If you have purchased the 2-year extended support, you can also claim 1 extra year of technical guidance from the end of extended support (i.e. until October 15, 2025).”

The servers that have reached EOL will no longer receive updates making them privileged targets for threat actors.

The total number of VMware ESXi servers reaching End of Life is 45,654 , below are the results of the scan performed by Lansweeper:

• 28,835 version 6.7.0 (36.5%)
• 16,830 version 6.5.0 (21.3%)

This means that majority of the ESXi instances have reached EOL, while 15.8% of the servers run older versions (from 3.5.0 to 5.5.0).

Let’s remember that it is very important to keep VMware ESXi servers up to date, numerous cybercrime and ransomware gangs (i.e. New Luna, Black Basta, LockBit, AvosLocker, HelloKitty, BlackMatter, GwisinLocker, ALPHV/BlackCat, Hive) targeted organizations running vulnerable servers.

“Keeping an accurate inventory of your virtual machines can be challenging.” concludes the post.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, VMware)

[adrotate banner=”5″]

[adrotate banner=”13″]