VMware released an update to VMware Tools to address a local privilege escalation vulnerability. The vulnerability could allow an attacker to gain root user privileges on the virtual machine. From there they could move further into your organization's IT infrastructure and modify permissions or create future backdoors, which in turn could compromise sensitive or business-critical data and files, cause disruptions in operations or even cause a full-on crash.
Update Vulnerable Devices
The local privilege escalation vulnerability in VMware Tools, tracked as CVE-2022-31676, received a CVSS base score of 7.0. It allows a malicious actor with local non-administrative access to the guest OS to escalate privileges as a root user in the virtual machine. It has been fixed in versions 12.1.0 and 10.3.25. Any older versions of VMware Tools 10, 11, or 12 are still vulnerable. Please note that VMware Tools 10.3.25 only applies to the older Linux releases. You can find detailed instructions on VMware's advisory page.
Find Vulnerable VMware Tools Installs
To help you mitigate the risk of this vulnerability as soon as possible, we've created a report that lists all instances of VMware Tools in your network that have not been patched yet. This gives you an actionable list of devices that still need to be updated.
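
For teams that already export guest inventory themselves, the same version check can be scripted. The following is an added example, not the report mentioned above and not vendor code: it applies the fixed versions stated in this article (12.1.0, and 10.3.25 for older Linux releases) to a constructed CSV. The column names, hostnames and the "review" status for a non-Linux guest reporting 10.3.25 are assumptions.

```python
import csv
import io
import re

FIXED_MAIN = (12, 1, 0)            # fixed release named in the article
FIXED_LEGACY_LINUX = (10, 3, 25)   # fixed release for older Linux guests only

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = """host,os,tools_version
web01,linux,12.1.0
db01,windows,11.3.5.18557794
legacy01,linux,10.3.25
legacy02,linux,10.3.10
app01,windows,10.3.25
build01,linux,12.0.5
old01,linux,9.4.0
kiosk01,windows,unknown
"""

def parse_version(text):
    """Return (major, minor, patch) or None; a trailing build number is ignored."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def classify(os_family, version_text):
    """Classify one install as patched, vulnerable, review or unknown."""
    v = parse_version(version_text)
    if v is None or v[0] < 10:
        return "unknown"           # the article only covers Tools 10, 11 and 12
    if v[0] == 10:
        if v < FIXED_LEGACY_LINUX:
            return "vulnerable"
        # Assumption: 10.3.25 counts as fixed only on Linux guests.
        return "patched" if os_family.strip().lower() == "linux" else "review"
    return "patched" if v >= FIXED_MAIN else "vulnerable"

def report(csv_text):
    """Return (host, status) pairs for every row of the inventory."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return [(r["host"], classify(r["os"], r["tools_version"])) for r in rows]

def needs_update(csv_text):
    """Hosts whose VMware Tools version is below the fixed release for its branch."""
    return [host for host, status in report(csv_text) if status == "vulnerable"]

if __name__ == "__main__":
    for host, status in report(SAMPLE_INVENTORY):
        print(f"{host:10} {status}")
```

Hosts reported as "unknown" or "review" are not confirmed safe; they need a manual version check against VMware's advisory.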