Vulnerabilities in VMware when chained together grants Full System Control
Vulnerabilities in VMware when chained together grants Full System Control
Threat Level
Vulnerability Report
For a detailed advisory, download the pdf file here
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to organizations about malicious actors using CVE-2022-22954 and CVE-2022-22960. This alert was published following the disclosure of two related vulnerabilities (CVE-2022-22972 and CVE-2022-22973), putting it vulnerable to future exploitation. All these flaws might be exploited separately or in combination to obtain total control.