wmware

VMware Fixed CVE-2021-22045 Heap-Overflow in Workstation, Fusion and ESXi

VMware addressed a heap-overflow issue (CVE-2021-22045) in Workstation, Fusion and CVE-2021-22045 products that can lead to code execution on the hypervisor.

VMware released security updates to address a heap-overflow vulnerability, tracked as CVE-2021-22045, in its Workstation, Fusion and ESXi products. VMware has addressed the vulnerability with the release of ESXi670-202111101-SG, ESXi650-202110101-SG, Workstation 16.2.0, and Fusion 12.2.0.

According to the company, the security vulnerability exists in the CD-ROM device emulation function of the above products. An attacker with access to a virtual machine that has CD-ROM device emulation enabled can chain this vulnerability with other flaws to execute code on the hypervisor from a virtual machine.

“The CD-ROM device emulation in VMware Workstation, Fusion and ESXi has a heap-overflow vulnerability.” reads the advisory published by the company. “A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine.”

The vulnerability was privately reported to VMware and received a CVSS score of 7.7.

The virtualization giant also provided mitigation for this issue that consists of disabling or disconnecting the CD-ROM/DVD devices on all running virtual machines. Below is the step-by-step procedure:

1) Log in to a vCenter Server system using the vSphere Web Client. 2) Right-click the virtual machine and click Edit Settings. 3) Select the CD/DVD drive and uncheck “Connected” and “Connect at power on” and remove any attached ISOs.

To list the virtual machines that have a CD-ROM/DVD connected, admins can use Powercli.

The following command will list all VMs with a connected device.

Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent

To remove and disconnect an attached CD-ROM/DVD device, run the command below.

Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Set-CDDrive -NoMedia -confirm:$false

Affected products are Workstation 16.x, and Fusion 12.x, ESXi 6.5, 6.7, and 7 versions, and VMware Cloud Foundation.

The company recommends customers to apply the security updates as soon as possible.


Source: https://securityaffairs.co/wordpress/126352/security/vmware-cve-2021-22045-heap-overflow.html


If you are interested in this content, you can follow my LinkedIn and Twitter accounts and access more content.


Join our list

Sign up for the e-mail list to be informed about the developments in the cyber world and to be informed about the weekly newsletter.

Haber bültenine kaydolduğunuz için teşekkürler!

Something went wrong.

Leave a Comment

VMware, Workstation, Fusion ve ESXi'de CVE-2021-22045 Yığın Taşmasını Düzeltti

2 min