8.2.8 Ensure PCI and PCIe device passthrough is disabled

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Using the VMware DirectPath I/O feature to pass through a PCI or PCIe device to a virtual machine can result in a potential security vulnerability.


The vulnerability can be triggered by buggy or malicious code running in privileged mode in the guest OS, such as a device driver.


The following PowerCLI command can be used:

# Add the setting to all VMs
Get-VM | New-AdvancedSetting -Name 'pciPassthru*.present' -value ''

See Also