Esxi Security Vulnerabilities and Issues — Esxi CVE List

Lucene search

VmwareEsxi

5 matches found

CVE•added 2022/02/16 5:15 p.m.•221 views

CVE-2021-22040

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

6.7CVSS7.2AI score0.01153EPSS

CVE•added 2022/02/16 5:15 p.m.•209 views

CVE-2021-22041

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

6.7CVSS7.1AI score0.01063EPSS

CVE•added 2022/02/16 5:15 p.m.•185 views

CVE-2021-22050

ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests.

7.5CVSS7.5AI score0.01422EPSS

CVE•added 2022/02/16 5:15 p.m.•164 views

CVE-2021-22043

VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files.

7.5CVSS7.7AI score0.00629EPSS

CVE•added 2022/02/16 5:15 p.m.•117 views

CVE-2021-22042

VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.

7.8CVSS7.3AI score0.00299EPSS