Two important vulnerabilities (CVSSv3 score > 7) in VMware ESXi, vCenter Server & Cloud Foundation

VMware, a leading vendor of virtualization and cloud computing technologies, has released security fixes for two vulnerabilities in its vCenter Server software that, like last year's flaws, could help attackers target numerous enterprises. Updates that address these issues are available for the affected VMware products.

Vulnerable products include:
  • VMware ESXi
  • VMware vCenter Server (vCenter Server)
  • VMware Cloud Foundation (Cloud Foundation)

1. Vulnerability in the VMware vCenter Server Platform Services Controller's deserialization process (CVE-2022-31680)
The vCenter Server Platform Services Controller (PSC) contains an unsafe deserialization vulnerability. With a maximum CVSSv3 base score of 7.2, VMware rates this issue in the Important severity range.

Common Attack Techniques

A malicious actor with administrative access to the vCenter Server could exploit this vulnerability to run malicious scripts on the host operating system. Apply the fixes to address CVE-2022-31680.

2. Vulnerability in the VMware vCenter Server Platform Services Controller (CVE-2022-31680)
The vCenter Server Platform Services Controller (PSC) contains an unsafe deserialization vulnerability. According to VMware, this issue has a maximum CVSSv3 base score of 7.2 and falls into the Important severity category.

Common Attack Techniques

A malicious actor with administrative access to the vCenter Server could exploit this vulnerability to run arbitrary code on the operating system that hosts the vCenter Server. Apply the fixes to address CVE-2022-31680.

Users of vCenter Server should apply the fixes as soon as possible, since threat actors frequently target these servers. Many of the thousands of vCenter servers reachable from the internet are obvious weak points in a cyberattack.