Product
Adversaries may use ESXCLI commands to discover virtual machines on an ESXi host, potentially indicating reconnaissance for high-value targets, environment mapping, or preparation for data theft or destructive operations.