CVE-2022-31676

high

Description

VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

References

Advisories
More

https://www.debian.org/security/2022/dsa-5215

https://security.netapp.com/advisory/ntap-20221017-0003/

https://security.gentoo.org/glsa/202210-27

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZA63DWRW7HROTVBNRIPBJQWBYIYAQMEW/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4TZF6QRJIDECGMEGBPXJCHZ6YC3VZ6Z/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C5VV2R4LV4T3SNQJYRLFD4C75HBDVV76/

https://lists.debian.org/debian-lts-announce/2022/08/msg00013.html

http://www.openwall.com/lists/oss-security/2022/08/23/3

https://www.vmware.com/security/advisories/VMSA-2022-0024.html

Details

Source: Mitre, NVD

Published: 2022-08-23

Updated: 2023-11-07

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00053

Detections

Analytics