Vulnerability Alert - VMWare
VMWare published two security advisories that addresses three vulnerabilities that affect VMWare products.
Two of the vulnerabilities affect the product VMware vRealize Network Insight (vRNI) - one of them is critical (CVE-2022-31702) and the other one is classified as important severity (CVE-2022-31703).
The other vulnerability is critical as well (CVE-2022-31705) and it affects VMware ESXi, Workstation and Fusion.
Among other consequences, it allows a malicious unauthenticated actor to execute arbitrary code.
It is recommended to upgrade the products:
- VMware vRealize Network Insight (vRNI) versions 6.2 / 6.3 / 6.4 / 6.5.1 / 6.6 e 6.7 (or latest);
- VMware Workstation Pro / Player (Workstation) version 16.2.5 (or latest);
- VMware Fusion Pro / Fusion (Fusion) version 12.2.5 (or latest);
- VMware ESXi versions 7.0 Update 3i / 8.0a (or latest).