VMware this week released patches to address an important-severity vulnerability in the VMware Tools suite of utilities.

The virtualization giant VMware this week released patches to address an important-severity flaw, tracked as CVE-2022-31676, which impacts the VMware Tools suite of utilities.

VMware Tools is a set of services and modules that enable several features in company products for better management of, and seamless user interactions with, guests operating systems.

An attacker with local non-administrative access to the Guest OS can trigger the CVE-2022-31676 flaw to escalate privileges on a compromised system.

“VMware Tools was impacted by a local privilege escalation vulnerability.” reads the advisory “A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine,”

The flaw impacts Tools on both Windows and Linux platforms, fixed version released by the company are 12.1.0 and 10.3.25.

Follow me on Twitter: @securityaffairs and Facebook

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}

try {
window._mNHandle.queue.push(function (){
window._mNDetails.loadTag(“816788371”, “300×250”, “816788371”);
});
}
catch (error) {}
Pierluigi Paganini

(SecurityAffairs – hacking, privilege escalation)

The post VMware fixed a privilege escalation issue in VMware Tools appeared first on Security Affairs.