Rewterz Threat Advisory – CVE-2022-31681 – VMware ESXi Vulnerability
October 7, 2022Rewterz Threat Update – Microsoft Updates Mitigation for Exchange Server Zero-Days
October 7, 2022Rewterz Threat Advisory – CVE-2022-31681 – VMware ESXi Vulnerability
October 7, 2022Rewterz Threat Update – Microsoft Updates Mitigation for Exchange Server Zero-Days
October 7, 2022Severity
High
Analysis Summary
CVE-2022-31680
VMware vCenter Server could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the PSC (Platform services controller). By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the underlying operating system.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2022-31680
Affected Vendors
VMware
Affected Products
- VMware vCenter Server 6.5
- VMware vCenter Server 6.7
- VMware vCenter Server 7.0
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.