• ESXi version 7.x
• ESXi is not connected to any domain, and never joined to any domain before.
• If checked with the below URL which redirects to the Host Client, it can be seen that the Active Directory Enabled value is set to 'No'
  
  https://<ESXi FQDN or ESXi Management IP>/ui/#/host/manage/security/authentication
  
  On the Host Client, under Security & Users > Authentication, Active Directory Enabled value is set to 'No'
  
  
• If the above conditions are met, then the ESXi is not vulnerable and not impacted by CVE-2024-37085, even though this version is listed as a vulnerable version as per CVE-2024-37085 notification doc

VMware ESXi

Having the ESX joined to the domain is a requirement for the vulnerability CVE-2024-37085 to be exploitable.

No workaround or resolution is required as the ESXi is not vulnerable to CVE-2024-37085. However it is highly recommended to upgrade to at least ESXi 8.x, as ESXi 7.x has reached EOS (End of Service).