New local privilege escalation vulnerability in VMware Tools

New local privilege escalation vulnerability in VMware Tools

On August 23rd 2022, VMware confirmed an important-rated security vulnerability affecting VMware Tools. This local privilege escalation vulnerability impacts Open VM Tools as well.

VMware Tools vulnerability: CVE-2022-31676

Identified as CVE-2022-31676, this VMware Tools vulnerability can allow a potential attacker with local non-administrative access to the guest operating system (virtual machine) to escalate privileges as a root user in the VM.

VMware has evaluated it as an important severity vulnerability with a maximum CVSSv3 base score of 7.0 out of 10.

It affects a priori the following versions:

  • 11.x.y and 12.x.y on Windows.
  • 10.x.y, 11.x.y and 12.x.y on Linux.

This local privilege escalation exploit can affect VMs housing important corporate data, user credentials and critical applications. Therefore, it is imperative to apply the patch matching the VM’s operating system and the VMware Tools version installed in the OS as soon as possible to avoid compromise.

VMware recommends the following updates:

VMware Tools versionUpdate to
Versions 12.x.y and 11.x.y on WindowsVersion 12.1.0
Versions 12.x.y and 11.x.y on LinuxVersion 12.1.0*
Version 10.x.y on LinuxVersion 10.3.25

*Fixed version 12.1.0 may differ based on the Linux distribution version and vendor (update from September 2, 2022).

Patches

**Linux vendors will distribute a version of open-vm-tools addressing this vulnerability (update from September 2, 2022).

References

VMware Tools

VMware Tools is a set of services and components that enable several features in certain VMware products. These tools are intended for improving management and ensuring seamless user interactions with guest OS.

There are different types of VMware Tools:

  • ISO images. A collection of ISO images containing installers that are mounted to virtual machines. Compatible with Windows, Linux (known as “tar tools”), Solaris, FreeBSD, Mac OS X, and other supported guests.
  • OS Specific Packages (OSP). Binary packages for particular Linux distributions. They are usually available for older releases.
  • Open VM Tools (OVT). The open source implementation of VMware Tools for Linux. Open VM Tools are usually included in recent versions of popular Linux distributions.

Share it on Social Media!