CVE-2022-31681: VMSA-2022-0025

Advisory ID: VMSA-2022-0025

CVSSv3 Range: 3.8-7.2

Issue Date: 2022-10-06

Updated On: 2022-10-06 (Initial Advisory)

CVE(s): CVE-2022-31680, CVE-2022-31681

Synopsis: VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2022-31680, CVE-2022-31681)

Share this page on social media

Sign up for Security Advisories

****1. Impacted Products****

• VMware ESXi

• VMware vCenter Server (vCenter Server)

• VMware Cloud Foundation (Cloud Foundation)

****2. Introduction****

Multiple vulnerabilities in VMware ESXi and vCenter Server were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

****3a. VMware vCenter Server platform services controller unsafe deserialization vulnerability (CVE-2022-31680)****

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.

A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.

To remediate CVE-2022-31680 apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.

This issue impacts only vCenter Server 6.5 with an external PSC.

VMware would like to thank Marcin “Icewall” Noga of Cisco Talos for reporting this vulnerability to us.

Product

Version

Running On

CVE Identifier

CVSSv3

Severity

Fixed Version

Workarounds

Additional Documentation

vCenter Server

7.0

Any

CVE-2022-31680

N/A

N/A

Not impacted

N/A

N/A

vCenter Server

6.7

Any

CVE-2022-31680

N/A

N/A

Not impacted

N/A

N/A

vCenter Server

6.5

Any

CVE-2022-31680

7.2

important

6.5 U3u

None

None

****3b. VMware ESXi null-pointer dereference vulnerability (CVE-2022-31681)****

VMware ESXi contains a null-pointer deference vulnerability. VMware has evaluated the severity of this issue to be in the Low severity range with a maximum CVSSv3 base score of 3.8.

A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.

To remediate CVE-2022-31681 apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.

VMware would like to thank VictorV (Tangtianwen) of Cyber Kunlun Lab for reporting this vulnerability to us.

Impacted Product Suites that Deploy Response Matrix 3b Components:

Product

Version

Running On

CVE Identifier

CVSSv3

Severity

Fixed Version

Workarounds

Additional Documentation

Cloud Foundation (ESXi)

4.x

Any

CVE-2022-31681

3.8

low

KB88695

None

None

Cloud Foundation (ESXi)

3.x

Any

CVE-2022-31681

3.8

low

KB89692

None

None

****4. References****

****5. Change Log****

**2022-10-06 VMSA-2022-0025
**Initial security advisory.

****6. Contact****