Summary
CVE: CVE-2021-22045
CVSS: 7.7
Affected Products: VMware ESXi, VMware Workstation, VMware Fusion,
VMware Cloud Foundation
VMware released a security advisory regarding a heap-overflow
vulnerability in multiple products. CVE-2021-22045 is due to how CD-ROM
devices are emulated in virtual machines. Successful exploitation of this
vulnerability requires a CD image to be attached to the targeted machine.
At this time, VMware is unaware of any attackers attempting to exploit
this vulnerability in the wild.
Analysis
Affected Products
A matrix of affected products and versions can be found here.
Potential Impact
Successful exploitation of this vulnerability could allow an attacker
with access to a virtual machine with an emulated CD-ROM device to
execute code on the hypervisor from the targeted virtual machine.
Recommendations
VMware released updates which address this vulnerability in the affected
products. VMware also released workarounds which can be used as temporary
solutions until the updates are deployed.
NTT recommends organizations apply the update for affected products
after conducting the appropriate evaluation and testing.
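To help prioritize patching, the precondition noted in the Summary (a CD image attached to the virtual machine) can be inventoried from VM configuration files. The following is an added example, not code from VMware or NTT: the function name `cdrom_devices` is hypothetical, the sample configuration is constructed, and it assumes the usual `.vmx` keys `present`, `deviceType`, `fileName` and `startConnected`.

```python
import re

# Matches device-node settings such as: ide1:0.deviceType = "cdrom-image"
_LINE = re.compile(r'^\s*((?:ide|sata|scsi)\d+:\d+)\.(\w+)\s*=\s*"(.*)"\s*$', re.I)

def cdrom_devices(vmx_text):
    """Return {node: info} for every present CD-ROM device in a .vmx config."""
    nodes = {}
    for line in vmx_text.splitlines():
        m = _LINE.match(line)
        if m:
            node, key, value = m.groups()
            nodes.setdefault(node.lower(), {})[key.lower()] = value
    found = {}
    for node, cfg in nodes.items():
        dev_type = cfg.get("devicetype", "").lower()
        if "cdrom" not in dev_type or cfg.get("present", "").upper() != "TRUE":
            continue
        file_name = cfg.get("filename", "")
        has_image = dev_type == "cdrom-image" and file_name != ""
        # Assumption: a missing startConnected means "connect at power-on".
        # This is the configured state, not the live connection state.
        start_connected = cfg.get("startconnected", "TRUE").upper() == "TRUE"
        found[node] = {
            "device_type": dev_type,
            "image": file_name if has_image else None,
            "image_attached_at_power_on": has_image and start_connected,
        }
    return found

# Constructed sample configuration (not taken from a real host).
SAMPLE_VMX = '''\
displayName = "build-agent-01"
ide1:0.present = "TRUE"
ide1:0.deviceType = "cdrom-image"
ide1:0.fileName = "/vmfs/volumes/datastore1/iso/installer.iso"
sata0:0.present = "TRUE"
sata0:0.deviceType = "cdrom-raw"
sata0:0.startConnected = "FALSE"
scsi0:0.present = "TRUE"
scsi0:0.deviceType = "scsi-hardDisk"
scsi0:0.fileName = "build-agent-01.vmdk"
'''

if __name__ == "__main__":
    for node, info in sorted(cdrom_devices(SAMPLE_VMX).items()):
        print(node, info)
```

The result reflects what the configuration file says at power-on; a device connected or disconnected while the VM is running is not visible here and has to be checked through the management interface.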
References
https://www.vmware.com/security/advisories/VMSA-2022-0001.html
https://kb.vmware.com/s/article/87249
https://kb.vmware.com/s/article/87206
https://kb.vmware.com/s/article/87207