Security Experts:

Privilege Escalation Flaw Haunts VMware Tools

Virtualization technology software giant VMware on Tuesday released patches to fix an important-severity security flaw in the VMware Tools suite of utilities.

The vulnerability, tracked as CVE-2022-31676, could be exploited by attackers to escalate privileges on a compromised system.

“VMware Tools was impacted by a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine,” VMWare said in an advisory.

VMware Tools is a suite of utilities used to enhance the performance of the virtual machine's guest operating system and improves management of the virtual machine. 

The company said the flaw affects VMware Tools on both Windows and Linux platforms.

Related: VMware Calls Attention to High-Severity vCenter Server Flaw

Related: VMware Ships Urgent Patch for Authentication Bypass Security Hole

Related: Exploit Code Published for Critical VMware Security Flaw

view counter