Rewterz Threat Advisory – Multiple VMware vRealize Network Insight Vulnerabilities
December 14, 2022Rewterz Threat Advisory – Multiple Apache CXF Vulnerabilities
December 14, 2022Rewterz Threat Advisory – Multiple VMware vRealize Network Insight Vulnerabilities
December 14, 2022Rewterz Threat Advisory – Multiple Apache CXF Vulnerabilities
December 14, 2022Severity
High
Analysis Summary
CVE-2022-31705
VMware ESXi, Workstation, and Fusion could allow a local authenticated attacker to execute arbitrary code on the system, caused by a heap out-of-bounds write vulnerability in EHCI controller. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2022-31705
Affected Vendors
VMware
Affected Products
- VMware ESXi 7.0
- VMware ESXi 8.0
- VMware Fusion 12
- VMware Fusion 13
- VMware Workstation 16
- VMware Workstation 17
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.