Vmware · Vmware Tools · CVE-2022-22943
**Name of the Vulnerable Software and Affected Versions**
VMware Tools for Windows versions 10.x.y through 11.x.y prior to 12.0.0
**Description**
The issue is related to an uncontrolled search path vulnerability in VMware Tools for Windows. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest OS due to an uncontrolled search path element.
**Recommendations**
For versions 10.x.y through 11.x.y prior to 12.0.0, update to version 12.0.0 or later to resolve the issue.
At the moment, there is no information about additional mitigation measures for this vulnerability.