VMWare Products Multiple Vulnerabilities

Last Update Date: 26 Apr 2022 Release Date: 7 Apr 2022 5560 Views

RISK: Extremely High Risk

Extremely High Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

Multiple vulnerabilities were identified in VMware products. An attacker could exploit some of these vulnerabilities to trigger cross site scripting, elevation of privilege, remote code execution, security restriction bypass and information disclosure.

 

[Updated on 2022-04-26] CVE-2022-22954 and CVE-2022-22960 are being exploited in the wild. Exploitation of CVE-2022-22954 may trigger remote code execution vulnerability while exploitation of CVE-2022-22960 may trigger elevation of privilege vulnerability. The risk level is changed from medium risk to extremely high risk correspondingly. HKCERT urges users and administrators to review the security update pages for the affected products and apply the related updates as soon as possible.

Impact

  • Cross-Site Scripting
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

Please visit the vendor web-site for more details.

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Vulnerability Identifier

Source

Related Link

Related Tags

VMwareCross Site ScriptingElevation of PrivilegeRemote Code ExecutionSecurity Restriction BypassInformation DisclosureExploit In The Wild

Share with

Previous

Red Hat Kernel Multiple Vulnerabilities

25 Apr 2022 4053 Views

Next

Google Chrome Multiple Vulnerabilities

27 Apr 2022 4387 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY