PT-2022-5817 · Vmware · Vmware Esxi

Reno Robert

Published

2022-12-08

Updated

2024-10-09

CVE-2022-31696

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VMware ESXi (affected versions not specified)

Description The issue is related to a memory corruption vulnerability in the way VMware ESXi handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory, leading to an escape of the ESXi sandbox. This could potentially allow an attacker to execute arbitrary code with elevated privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

BDU:2022-07223

CVE-2022-31696

ZDI-22-1686

Affected Products

Vmware Esxi

PT-2022-5817 · Vmware · Vmware Esxi

CVE-2022-31696

Weakness Enumeration

Related Identifiers

Affected Products

References · 12