Lucene search
HiveForce LabHIVEPRO:105F9FC55AA4F81D329D840166A4B325HistoryDec 19, 2022 - 1:01 p.m.
VMware tackles security flaws in ESXi and vRealize
2022-12-1913:01:27
HiveForce Lab
www.hivepro.com
33
vmware
esxi
vrealize
security weaknesses
critical-severity vulnerability
command injection
cve-2022-31705
guest os
arbitrary code
host compromise
0.0004 Low
EPSS
Percentile
9.9%
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary VMware addressed security weaknesses to address a critical-severity vulnerability affecting ESXi, Workstation, Fusion, and Cloud Foundation, as well as a critical-severity command injection flaw impacting vRealize Network Insight. CVE-2022-31705 is a heap out-of-bounds write vulnerability that allows a local privileged user on the guest OS to execute arbitrary code. Exploiting this vulnerability could potentially compromise the host operating system.
Related
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Vmware Workstation
2023-01-09 04:27:15
prion
prion
Heap overflow
2022-12-14 19:15:00
cvelist
cvelist
CVE-2022-31705
2022-12-14 00:00:00
nessus
nessus
VMware Workstation 16.0.x < 16.2.5 Heap Out-of-bounds Write (VMSA-2022-0033)
2023-01-04 00:00:00
VMware Fusion 12.0.x < 12.2.5 Heap Out-of-bounds Write (VMSA-2022-0033)
2023-01-04 00:00:00
VMware ESXi 7.0 / 8.0 Heap Out-of-bounds Write (VMSA-2022-0033)
2023-01-04 00:00:00
kaspersky
kaspersky
KLA20112 ACE vulnerability in VMware Workstation
2022-12-13 00:00:00
cve
cve
CVE-2022-31705
2022-12-14 19:15:13
nvd
nvd
CVE-2022-31705
2022-12-14 19:15:13
vmware
vmware
thn
thn
Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
2022-12-14 04:40:00