#VU87133 Information disclosure in VMware ESXi - CVE-2024-22255

Cybersecurity Help s.r.o.

Published: 2024-03-05 | Updated: 2024-09-04

Vulnerability identifier: #VU87133

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-22255

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
VMware ESXi
Operating systems & Components / Operating system

Vendor: VMware, Inc

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the UHCI USB controller. A remote user with administrative access to the guest OS can read memory from the vmx process.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

VMware ESXi: before ESXi70U3p-23307199

External links
https://www.vmware.com/security/advisories/VMSA-2024-0006.html
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24266

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell PowerFlex Appliance

Multiple vulnerabilities in Dell PowerFlex Rack

Multiple vulnerabilities in Dell Custom VMware ESXi

Multiple vulnerabilities in VMware Workstation and Fusion

Multiple vulnerabilities in VMware ESXi