Check the status of CVEs. Learn More.
Keeping your systems up 100% of the time requires live patching. Our solutions will align strongly with your risk, compliance, and operational uptime requirements.
TuxCare is trusted by the most innovative companies across the globe.
Learn about TuxCare's modern approach to reducing cybersecurity risk with Blogs, White Papers, and more.
Continually increasing Cybersecurity, stability, and availability of Linux servers and open source software since 2009.
TuxCare provides live security patching for numerous industries. Learn how TuxCare is minimizing risk for companies around the world.
2x a month. No spam.
December 27, 2022 - TuxCare expert team
VMware has released patches for a number of vulnerabilities, including a virtual machine escape flaw, CVE-2022-31705, which was exploited during the GeekPwn 2022 hacking challenge, as part of this month’s Patch Tuesday.
VMWare assigned a CVSS severity rating of 9.3/10 to this vulnerability and alerted that a malicious actor with local administrator rights on a virtual machine could exploit it to execute code as the virtual machine’s VMX process running on the host.
The VM escape flaw, documented as CVE-2022-31705, was exploited by Ant Security researcher Yuhao Jiang on systems running fully patched VMware Fusion, ESXi and Workstation products.
“On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed,” VMware said.
Meanwhile, the critical security update with a CVSS score of 7.2 addresses two vulnerabilities (CVE-2022-31700, CVE-2022-31701) in VMware Workspace ONE Access and Identity Manager. CVE-2022-31700 is an authenticated RCE vulnerability with a CVSS score of 7.2, while CVE-2022-31701 is a broken authentication bug with a severity rating of 5.3.
The products affected by the vulnerability includes;
ESXi 8.0 (fixed in ESXi 8.0a-20842819) (fixed in ESXi 8.0a-20842819)
ESXi 7.0 (fixed in 7.0U3i-20842708) (fixed in 7.0U3i-20842708)
Fusion version 12.x (fixed in 12.2.5)
16.x Workstation (fixed in 16.2.5)
4.x/3.x Cloud Foundation (fixed in KB90336)
VMware also resolved a command injection and directory traversal security vulnerability, both tracked as CVE-2022-31702 31702, a critical severity (CVSS v3: 9.8) vulnerability in the vRNI REST API of vRealize Network Insight versions 6.2 to 6.7 that allows command injection. And CVE-2022-31703, a directory traversal flaw with low severity (CVSS v3: 7.5) that allows a threat actor to read arbitrary files from the server.
The sources for this piece include an article in SecurityAffairs.
Learn About Live Patching with TuxCare
According to CyberArk researchers, GPT-based models like ChatGPT can be...
Malicious hackers have started exploiting a critical vulnerability CVE-2022-44877 in...
Deep Instinct researchers reported that RATs like StrRAT and Ratty...
According to CircleCI’s CTO, Rob Zuber, CircleCI is working with...
A remote attacker could exploit multiple vulnerabilities in four Cisco...
In a notable IcedID malware attack, the assailant impacted the...