Privilege Escalation Flaw Haunts VMware Tools


Virtualization technology software giant VMware on Tuesday released patches to fix an important-severity security flaw in the VMware Tools suite of utilities.

Virtualization technology software giant VMware on Tuesday released patches to fix an important-severity security flaw in the VMware Tools suite of utilities.

The vulnerability, tracked as CVE-2022-31676, could be exploited by attackers to escalate privileges on a compromised system.

“VMware Tools was impacted by a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine,” VMWare said in an advisory.

VMware Tools is a suite of utilities used to enhance the performance of the virtual machine’s guest operating system and improves management of the virtual machine. 

The company said the flaw affects VMware Tools on both Windows and Linux platforms.


By SecurityWeek News on Tue, 23 Aug 2022 18:32:24 +0000
Original link