June 6, 2023

VMware issued patches to address a code execution vulnerability, tracked as CVE-2022-31680 with CVSS score of 7.2 in vCenter Server.

The security issue is an unsafe deserialization vulnerability that resides in the platform services controller and impacts only vCenter Server 6.5 with an external PSC, it was addressed with the release of VMware vCenter Server 6.5 U3u.

Advertisements

VMware also addressed a a null-pointer dereference vulnerability, tracked as CVE-2022-31681 with a CVSS score 3.8, in the VMware ESXi bare metal hypervisor.

A hacker with privileges within the VMX process only, may create a denial of service condition on the host.

The vulnerability is been addressed with the release of ESXi70U3sf-20036586, ESXi670-202210101-SG, and ESXi650-202210101-SG versions.

VMware is not aware of attacks in the wild exploiting the above vulnerabilities

Tags:

Leave a Reply

You may have missed

Moveit Attributed to Lace Tempest

Moveit Attributed to Lace Tempest

June 6, 2023
Byte Code Bites PYPI

Byte Code Bites PYPI

June 5, 2023
Enzo Biochem Suffers a Data Breach

Enzo Biochem Suffers a Data Breach

June 5, 2023
BlackSuit Ransomware Dissection

BlackSuit Ransomware Dissection

June 4, 2023
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – May, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – May, 2023

June 4, 2023
Cisco buys Armorblox

Cisco buys Armorblox

June 3, 2023
%d bloggers like this: