Heap Overflow Vulnerability in VMware ESXi and Workstation Products
CVE-2021-22045

7.8HIGH

Key Information:

Vendor: Vmware
Status: Vmware Esxi, Vmware Workstation And Vmware Fusion
Vendor: CVE Published:; 4 January 2022

What is CVE-2021-22045?

A heap overflow vulnerability exists in VMware ESXi, Workstation, and Fusion related to CD-ROM device emulation. Malicious actors with access to a vulnerable virtual machine could exploit this flaw, potentially leading to code execution on the hypervisor. Products affected include VMware ESXi versions 7.0, 6.7 (prior to ESXi670-202111101-SG), 6.5 (prior to ESXi650-202110101-SG), VMware Workstation 16.2.0, and VMware Fusion 12.2.0, emphasizing the need for prompt updates and security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

VMware ESXi, VMware Workstation and VMware Fusion VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0)