Support Content Notification - Support Portal

VMSA-2022-0025:VMware ESXi and vCenter Server updates address multiple security vulnerabilities

Product/Component

VMware Cloud Foundation

2 more products

Notification Id

23644

Last Updated

04 October 2022

Initial Publication Date

04 October 2022

Status

CLOSED

Severity

HIGH

CVSS Base Score

3.8-7.2

WorkAround

Affected CVE

CVE-2022-31680,CVE-2022-31681

Advisory ID: VMSA-2022-0025

CVSSv3 Range: 3.8-7.2

Issue Date:2022-10-06

Updated On: 2022-10-06 (Initial Advisory)

CVE(s): CVE-2022-31680, CVE-2022-31681

Synopsis: VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2022-31680, CVE-2022-31681)

1. Impacted Products

VMware ESXi
VMware vCenter Server (vCenter Server)
VMware Cloud Foundation (Cloud Foundation)

2. Introduction

Multiple vulnerabilities in VMware ESXi and vCenter Server were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

3a. VMware vCenter Server platform services controller unsafe deserialization vulnerability (CVE-2022-31680)

Description

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.

Known Attack Vectors

A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.

Resolution

To remediate CVE-2022-31680 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.

Workarounds

None.

Additional Documentation

None.

Notes

This issue impacts only vCenter Server 6.5 with an external PSC.

Acknowledgements

VMware would like to thank Marcin "Icewall" Noga of Cisco Talos for reporting this vulnerability to us.

Response Matrix

Product	Version	Running On	CVE Identifier	CVSSv3	Severity	Fixed Version	Workarounds	Additional Documentation
vCenter Server	7.0	Any	CVE-2022-31680	N/A	N/A	Not impacted	N/A	N/A
vCenter Server	6.7	Any	CVE-2022-31680	N/A	N/A	Not impacted	N/A	N/A
vCenter Server	6.5	Any	CVE-2022-31680	7.2	important	6.5 U3u	None	None

3b. VMware ESXi null-pointer dereference vulnerability (CVE-2022-31681)

Description

VMware ESXi contains a null-pointer dereference vulnerability. VMware has evaluated the severity of this issue to be in the Low severity range with a maximum CVSSv3 base score of 3.8.

Known Attack Vectors

A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.

Resolution

To remediate CVE-2022-31681 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.

Workarounds

None.

Additional Documentation

None.

Notes

None.

Acknowledgements

VMware would like to thank VictorV (Tangtianwen) of Cyber Kunlun Lab for reporting this vulnerability to us.

Response Matrix

Product	Version	Running On	CVE Identifier	CVSSv3	Severity	Fixed Version	Workarounds	Additional Documentation
ESXi	7.0	Any	CVE-2022-31681	3.8	low	ESXi70U3sf-20036586	None	None
ESXi	6.7	Any	CVE-2022-31681	3.8	low	ESXi670-202210101-SG	None	None
ESXi	6.5	Any	CVE-2022-31681	3.8	low	ESXi650-202210101-SG	None	None

Impacted Product Suites that Deploy Response Matrix 3b Components:

Product	Version	Running On	CVE Identifier	CVSSv3	Severity	Fixed Version	Workarounds	Additional Documentation
Cloud Foundation (ESXi)	4.x	Any	CVE-2022-31681	3.8	low	KB88695	None	None
Cloud Foundation (ESXi)	3.x	Any	CVE-2022-31681	3.8	low	KB89692	None	None