CVSSv3: 7.0 - Important
On 8/23/2022, VMware released their initial advisory for a vulnerability in VMware Tools CVE-2022-31676. This is a local privilege escalation vulnerability, and updates have been released to address affected products. The known attack vectors are any malicious actor with local system access to the Guest OS that can run privilege escalation to gain root user access on the virtual machine.
Versions Fixed:
Windows (v12,v11) 12.1.0
Linux (v12,v11) 12.1.0
Linux (v10) 10.3.25
1v
ReplyDelete