CVE-2022-31693

Name of the Vulnerable Software and Affected Versions VMware Tools for Windows versions 10.x.y through 12.1.4 VMware Tools for Windows versions 11.x.y

Description The issue is related to insufficient input validation in the VM3DMP driver of VMware Tools for Windows, which can lead to a denial-of-service condition. A malicious actor with local user privileges in the Windows guest OS can trigger a PANIC in the VM3DMP driver, causing the denial-of-service condition.

Recommendations For versions 10.x.y through 12.1.4, update to version 12.1.5 or later. For versions 11.x.y, update to version 12.1.5 or later. As a temporary workaround, consider disabling the VM3DMP driver until a patch is available.