3 matches found
CVE-2022-22977
VMware Tools for Windows12.0.0, 11.x.y and 10.x.y contains an XML External Entity XXE vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or...
CVE-2022-22977
CVE-2022-22977 affects VMware Tools for Windows (12.0.0, 11.x.y, 10.x.y). It is an XML External Entity (XXE) vulnerability in the VMware VGAuthService component used by the guest VM tools, exploitable by a non‑administrative local user to cause denial of service and potentially disclose informati...
CVE-2022-22977: VMware Guest Authentication Service LPE (FIXED)
A low-privileged local attacker can prevent the VMware Guest Authentication service VGAuthService.exe from running in a guest Windows environment and can crash this service, thus rendering the guest unstable. In some very contrived circumstances, the attacker can leak file content to which they d...