Uncontrolled Search Path Vulnerability in VMware Tools for Windows
CVE-2022-22943

6.7MEDIUM

Key Information:

Vendor: Vmware
Status: Vmware Tools For Windows
Vendor: CVE Published:; 3 March 2022

What is CVE-2022-22943?

VMware Tools for Windows versions 11.x.y and 10.x.y before 12.0.0 are vulnerable due to an uncontrolled search path issue that could allow a malicious actor with local administrative privileges within the Windows guest operating system to execute arbitrary code with elevated system privileges. This vulnerability poses a significant risk as it may enable attackers to gain unauthorized access and control over critical system functions within the environment where VMware Tools is installed.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

VMware Tools for Windows VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0)

References

https://www.vmware.com/security/advisories/VMSA-2022-0007...

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 3, 2022
Vulnerability Reserved
Jan 10, 2022

JSON

Vmware

What is CVE-2022-22943?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.