The virtualization giant VMware this week released patches to address an important-severity flaw, tracked as CVE-2022-31676, which impacts the VMware Tools suite of utilities.
VMware Tools is a set of services and modules that enable several features in company products for better management of, and seamless user interactions with, guests operating systems.
An attacker with local non-administrative access to the Guest OS can trigger the CVE-2022-31676 flaw to escalate privileges on a compromised system.
“VMware Tools was impacted by a local privilege escalation vulnerability.” reads the advisory “A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine,”
The flaw impacts Tools on both Windows and Linux platforms, fixed version released by the company are 12.1.0 and 10.3.25.
Follow me on Twitter: @securityaffairs and Facebook
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, privilege escalation)