The "waiter-<UUID>" accounts in vSphere may be flagged by security audit as needing to have their passwords rotated

VMware vSphere 8.x

These accounts are used for the Auto Deploy service in vSphere. As such, they require a high privilege level to function correctly.

The waiter accounts' passwords do not expire, and our recommendation is not to change these passwords as they are referenced in an internal database.

More information: Default Accounts in VMware vSphere

If Auto Deploy is not in use, these accounts can be safely disabled or deleted via the vSphere UI.

Once the accounts are deleted, the can be recreated using KB 323193 and they will have new, randomized passwords.