Lucene search
VmwareCVELIST:CVE-2022-31705HistoryDec 14, 2022 - 12:00 a.m.
CVE-2022-31705
2022-12-1400:00:00
vmware
www.cve.org
7
vmware
esxi
workstation
fusion
usb 2.0
controller
ehci
vulnerability
exploit
code execution
local privileges
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
CNA Affected
[
{
"vendor": "n/a",
"product": "VMware ESXi, VMware Workstation Pro / Player, VMware Fusion Pro / Fusion (Fusion), VMware Cloud Foundation",
"versions": [
{
"version": "VMware ESXi (8.0 prior to ESXi80a-20842819, 7.0 prior to ESXi70U3si-20841705, VMware Workstation Pro / Player (16.x prior to 16.2.5), VMware Fusion Pro / Fusion (12.x prior to 12.2.5), VMware Cloud Foundation (4.x, 3.x)",
"status": "affected"
}
]
}
]Related
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Vmware Workstation
2023-01-09 04:27:15
hivepro
hivepro
VMware tackles security flaws in ESXi and vRealize
2022-12-19 13:01:27
cve
cve
CVE-2022-31705
2022-12-14 19:15:13
kaspersky
kaspersky
KLA20112 ACE vulnerability in VMware Workstation
2022-12-13 00:00:00
nessus
nessus
VMware Fusion 12.0.x < 12.2.5 Heap Out-of-bounds Write (VMSA-2022-0033)
2023-01-04 00:00:00
VMware Workstation 16.0.x < 16.2.5 Heap Out-of-bounds Write (VMSA-2022-0033)
2023-01-04 00:00:00
VMware ESXi 7.0 / 8.0 Heap Out-of-bounds Write (VMSA-2022-0033)
2023-01-04 00:00:00
vmware
vmware
nvd
nvd
CVE-2022-31705
2022-12-14 19:15:13
prion
prion
Heap overflow
2022-12-14 19:15:00
thn
thn
Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
2022-12-14 04:40:00