Uncontrolled Search Path Vulnerability in VMware Tools for Windows
CVE-2022-22943
6.7MEDIUM
Key Information:
- Vendor
Vmware
- Status
- Vendor
- CVE Published:
- 3 March 2022
What is CVE-2022-22943?
VMware Tools for Windows versions 11.x.y and 10.x.y before 12.0.0 are vulnerable due to an uncontrolled search path issue that could allow a malicious actor with local administrative privileges within the Windows guest operating system to execute arbitrary code with elevated system privileges. This vulnerability poses a significant risk as it may enable attackers to gain unauthorized access and control over critical system functions within the environment where VMware Tools is installed.
Affected Version(s)
VMware Tools for Windows VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0)