This week, VMware patched a critical vulnerability impacting ESXi, Workstation, Cloud Foundation, and Fusion. CVE-2022-31705 is a heap-out-of-bounds vulnerability with a CVSS severity rating of 9.3. The vulnerability was found in the USB 2.0 controller (EHCI).
According to VMware’s advisory, CVE-2022-31705 could allow an attacker with local administrative privileges on a virtual machine to execute code due to the virtual machine’s VMX process running on the host. Although exploitation of ESXi is limited to the VMX, exploitation of Workstation and Fusion may lead to code execution on the machine wherever Workstation or Fusion is installed.
The following products are impacted by CVE-2022-31705:
VMware also patched an additional critical vulnerability impacting vRealize Network Insight. CVE-2022-31702 has a CVSS severity score of 9.8 and is a command injection vulnerability in the vRNI REST API. The vulnerability could give threat actors with network access to the vRNI API the ability to execute commands without authentication. There are no workarounds for CVE-2022-31702, so it is highly recommended that you apply the appropriate patch immediately.