CVE-2022-31676
published 2022-08-23CVE-2022-31676: VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | open-vm-tools | < open-vm-tools 2:12.1.0-1 (bookworm) | open-vm-tools 2:12.1.0-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| paloalto | pan-os | — | — |
| vmware | open-vm-tools | >= 0 < 2:11.2.5-2+deb11u1 | 2:11.2.5-2+deb11u1 |
| vmware | open-vm-tools | >= 0 < 2:12.1.0-1 | 2:12.1.0-1 |
| vmware | open-vm-tools | >= 0 < 2:12.1.0-1 | 2:12.1.0-1 |
| vmware | open-vm-tools | >= 0 < 2:12.1.0-1 | 2:12.1.0-1 |
| vmware | tools | >= 10.0.0 < 12.1.0 | 12.1.0 |
| vmware | tools | >= 10.0.0 < 10.3.25 | 10.3.25 |
| vmware | tools | >= 11.0.0 < 12.1.0 | 12.1.0 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH