CVE-2021-31693

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions VMware Tools for Windows versions prior to 12.1.5

Description The issue is related to a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS can trigger a PANIC in the VM3DMP driver, leading to a denial-of-service condition in the Windows guest OS.

Recommendations For versions prior to 12.1.5, update to version 12.1.5 or later to resolve the issue. As a temporary workaround, consider disabling the VM3DMP driver until a patch is available. Restrict access to the Windows guest OS to minimize the risk of exploitation.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALT-PU-2022-3246

ALT-PU-2023-4334

ALT-PU-2023-5642

ALT-PU-2024-1233

CVE-2021-31693

Affected Products

Alt Linux

Vmware Tools

CVE-2021-31693

Weakness Enumeration

Related Identifiers

Affected Products

References · 8