Issued: Thursday, 15 December, 2022
Last Revision: Thursday, 15 December, 2022
Vendor:
Product:
Severity Level:
Multiple vulnerabilities have been identified in VMware products. The first vulnerability, tracked as CVE-2022-31696, is a memory corruption vulnerability in the way ESXi handles a network socket. An adversary with local access to ESXi may exploit this issue to corrupt memory, leading to an escape of the ESXi sandbox.
The second vulnerability, tracked as CVE-2022-31697, is an information disclosure vulnerability in the way vCenter Server performs logging. Some logging contains credentials in clear text. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.
The third vulnerability, tracked as CVE-2022-31698, is a Denial of Service (DoS) vulnerability in the vCenter Server's content library service. An adversary with network access to TCP port 443 on the vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.
The fourth vulnerability, tracked as CVE-2022-31699, is a heap overflow vulnerability in ESXi. An adversary with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.
CVE/Vulnerability | Affected Products | CVSS Score | Exploitable |
CVE-2022-31696 | VMware ESXi, VMware vCenter Server (vCenter Server), VMware Cloud Foundation (Cloud Foundation) | 7.5 | No |
CVE-2022-31697 | | 6.2 | No |
CVE-2022-31698 | | 5.8 | No |
CVE-2022-31699 | | 4.2 | No |
Organizations are advised to upgrade to the latest version to mitigate these vulnerabilities.
