A heap overflow vulnerability has just been discovered in many VMware products, and it has been assigned the identifier CVE-2021-22045.
This heap overflow vulnerability affects the following VMware products:
VMware ESXi
VMware Workstation
VMware Fusion
VMware Cloud Foundation
However, VMware has already addressed this security flaw with the release of: -
ESXi670-202111101-SG
ESXi650-202110101-SG
Workstation 16.2.0
Fusion 12.2.0
About the Vulnerability:
CVE ID: CVE-2021-22045
Advisory ID: VMSA-2022-0001
CVSSv3 Range: 7.7
Issue Date: 2022-01-04
Updated On: 2022-01-04 (Initial Advisory)
Synopsis: VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)
This heap-overflow vulnerability has been discovered in VMware Workstation, Fusion, and ESXi CD-ROM device emulation. So, at this time, an attacker with access to a virtual machine with CD-ROM device emulation may exploit this security issue and execute arbitrary code on the hypervisor.
Recommendation:
VMware has released remediation for this security problem, which is detailed below:
First of all, using the vSphere Web Client log in to a vCenter Server system.
Then you have to right-click the virtual machine and click Edit Settings.
Now, select the CD/DVD drive.
After that, uncheck the “Connected” and “Connect at power on.”
Now you have to remove the ISOs that are attached.
In this section, we discussed the commands used in Powercli to retrieve a list of virtual machines that have a CD-ROM/DVD attached, as well as the command to remove and detach an associated CD-ROM/DVD device.
For getting the list of virtual machines:-
Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent
To remove an attached CD-ROM/DVD device:-
Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Set-CDDrive -NoMedia -confirm:$false
Apart from this, the firm has affirmed that once the upgrade is complete that is recommended there is no requirement to implement the workaround provided.
Source :- https://cybersecuritynews.com/heap-overflow-vulnerability-affects-multiple-vmware-products/
Comments