VMware has released Critical ESXi, Workstation, and Fusion security updates that address multiple vulnerabilities.
According to the VMware update VMSA-2022-0004, five vulnerabilities (CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050) were patched in VMware ESXi, Workstation, and Fusion products.
The issues range in CVSS score from 5.3 to 8.4, but the advisory is rated Critical overall:
- CVE-2021-22040: Use-after-free vulnerability in XHCI USB controller (CVSS 8.4)
- CVE-2021-22041: Double-fetch vulnerability in UHCI USB controller (CVSS 8.4)
- CVE-2021-22042: ESXi settingsd unauthorized access vulnerability (CVSS 8.2)
- CVE-2021-22043: ESXi settingsd TOCTOU vulnerability (CVSS 8.2)
- CVE-2021-22050: ESXi slow HTTP POST denial of service vulnerability (CVSS 5.3)
Of special note, the first two and most severe of the vulnerabilities could allow an attacker to execute code.
“A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host,” VMware warned in the advisory.
In addition, VMware released another security advisory for a VMware NSX Data Center for vSphere update that addresses a CLI shell injection vulnerability (CVE-2022-22945). This issue was rated Important.