CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: HIGH
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS2: 6.9 Medium
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
A heap buffer overflow vulnerability has been discovered in multiple VMware products. The bug is tracked as CVE-2021-22045 and, if exploited, would result in the execution of arbitrary code by the attacker.
Heap overflows are memory-corruption flaws that can cause data corruption or unexpected behavior in any process that accesses the affected memory space, in some situations leading to remote code execution (RCE).
The bug affects ESXi versions 6.5, 6.7, 7.0; Workstation version 16.x; Fusion version 12.x and Cloud Foundation versions 4.x, 3.x.
Organizations can patch some of the versions from the link below. However, some of them still await patches, and organizations can use these steps to mitigate the flaw:

1. Log in to a vCenter Server system using the vSphere Web Client.
2. Right-click the virtual machine and click Edit Settings.
3. Select the CD/DVD drive, uncheck "Connected" and "Connect at power on", and remove any attached ISOs.

According to the vendor, users can execute the following command to enumerate the VMs that have a CD-ROM/DVD drive attached:

```powershell
Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent
```

The following command then removes and disconnects the attached CD-ROM/DVD devices:

```powershell
Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Set-CDDrive -NoMedia -confirm:$false
```

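The vendor's enumeration filter matches only drives that are connected right now, while the manual steps also clear "Connect at power on" and any attached ISO. The following audit function is an added example, not VMware's or this page's code; it checks all three conditions. `Get-CDDriveExposure` and the sample inventory are hypothetical, and the `ConnectionState` and `IsoPath` property names assume the PowerCLI `CDDrive` object shape.

```powershell
# Added example (not vendor code): classify CD/DVD drives against the three
# workaround conditions: Connected, Connect at power on, attached ISO.
function Get-CDDriveExposure {
    [CmdletBinding()]
    param(
        # CDDrive objects from Get-CDDrive, or objects with the same shape (assumption).
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Drive
    )
    process {
        $state    = $Drive.ConnectionState
        $findings = @()
        if ($state.Connected)      { $findings += 'Connected' }
        if ($state.StartConnected) { $findings += 'ConnectAtPowerOn' }
        if ($Drive.IsoPath)        { $findings += 'IsoAttached' }
        [pscustomobject]@{
            VM        = [string]$Drive.Parent
            Drive     = $Drive.Name
            Compliant = ($findings.Count -eq 0)
            Findings  = ($findings -join ',')
        }
    }
}

# Constructed sample inventory (not real VMs) so the function runs offline.
$sample = @(
    [pscustomobject]@{ Parent = 'app01'; Name = 'CD/DVD drive 1'; IsoPath = '[ds1] iso/tools.iso'
        ConnectionState = [pscustomobject]@{ Connected = $true; StartConnected = $true } }
    # Powered-off VM: the "connected -eq $true" filter would not list this drive.
    [pscustomobject]@{ Parent = 'db02'; Name = 'CD/DVD drive 1'; IsoPath = '[ds1] iso/os.iso'
        ConnectionState = [pscustomobject]@{ Connected = $false; StartConnected = $true } }
    [pscustomobject]@{ Parent = 'web03'; Name = 'CD/DVD drive 1'; IsoPath = $null
        ConnectionState = [pscustomobject]@{ Connected = $false; StartConnected = $false } }
)

# Report only the drives that still fail at least one workaround condition.
$sample | Get-CDDriveExposure | Where-Object { -not $_.Compliant } |
    Format-Table -AutoSize

# Against a live vCenter (requires VMware PowerCLI and an active Connect-VIServer session):
#   Get-VM | Get-CDDrive | Get-CDDriveExposure | Where-Object { -not $_.Compliant }
```

Running the same pipeline again after the workaround has been applied gives a quick check that no drive is still flagged.
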
<https://www.vmware.com/security/advisories/VMSA-2022-0001.html>
<https://www.cisa.gov/uscert/ncas/current-activity/2022/01/05/vmware-releases-security-updates>
<https://thehackernews.com/2022/01/vmware-patches-important-bug-affecting.html>
<https://threatpost.com/unpatched-vmware-bug-hypervisor-takeover/177428/>