CVE-2022-31676

A vulnerability was found in VMware Tools 10.x.y/11.x.y/12.0.x. It has been classified as critical because a malicious actor with local non-administrative access to the guest OS can escalate privileges to the root user in the virtual machine.

It is important that vSphere admins immediately provide the new tools to the virtual guests. The process differs between 6.7 (which will soon reach end of support!) and 7.0.


vSphere 6.7

With vSphere 6.7 you have to download the VMware Tools from here.

You should look for the Offline VIB bundle, as you need to upload the ZIP file into vSphere Update Manager. After uploading, you can see two versions in the Update Manager database: one for vSphere 6.5 and 6.7, and one for vSphere 7 and 8.

As the next step, you need to create a new patch baseline that includes the package with the ID “TOOLS-20220823” and assign it to your hosts.

Then run the compliance check.

For the last step, you need to install the assigned baseline on the hosts. No reboot will be required!


vSphere 7

With vSphere 7 you can simply add the VMware Tools as an additional component to the cluster image. The new VMware Tools package should already be present in your Lifecycle Manager database.

After editing the image, the image compliance will be checked automatically and the hosts will be shown as non-compliant. You can remediate them all without the need for host maintenance or a reboot.


Tools update

After upgrading vSphere 6.7 or vSphere 7, the guests will show that a new VMware Tools version is available.

After installing the VMware Tools update, you can see that the tools version has changed to version 12320.
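To confirm that every guest actually reached the version shown above, the following added example (not part of the original post) audits an inventory export against the 12320 threshold and decodes the packed integer into a dotted version. The CSV layout, VM names and function names are assumptions made for illustration, and the sample rows are constructed.

```python
import csv
import io

FIXED_INTERNAL = 12320    # tools version the post shows after the update
UNMANAGED = 2147483647    # value reported for guest-managed tools (e.g. open-vm-tools)

# Constructed sample export: VM name and the integer tools version vCenter reports.
SAMPLE_CSV = """name,tools_version
web01,12320
db01,11365
legacy01,10346
build01,12294
appliance01,2147483647
template01,0
"""

def decode(internal):
    """Unpack major*1024 + minor*32 + patch into (major, minor, patch)."""
    return internal >> 10, (internal >> 5) & 0x1F, internal & 0x1F

def classify(internal):
    """Map the reported integer to an audit status."""
    if internal == 0:
        return "not-installed"    # no tools in the guest, nothing to patch
    if internal == UNMANAGED:
        return "guest-managed"    # version must be checked inside the guest OS
    return "ok" if internal >= FIXED_INTERNAL else "needs-update"

def audit(csv_text):
    """Return (name, dotted_version, status) for every VM in the export."""
    rows = []
    for rec in csv.DictReader(io.StringIO(csv_text)):
        version = int(rec["tools_version"])
        status = classify(version)
        managed = status in ("ok", "needs-update")
        dotted = ".".join(map(str, decode(version))) if managed else "-"
        rows.append((rec["name"], dotted, status))
    return rows

if __name__ == "__main__":
    for name, dotted, status in audit(SAMPLE_CSV):
        print(f"{name:12} {dotted:10} {status}")
```

Guests reported as guest-managed are not updated through the host baseline or cluster image, so their tools package has to be checked and patched from inside the guest OS.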
