CVE-2024-22254

Summary

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.

Affected Software

VendorProductVersion RangeStatus
n/aVMware ESXi8.0 < ESXi80U2sb-23305545affected
n/aVMware ESXi8.0 < ESXi80U1d-23299997affected
n/aVMware ESXi7.0 < ESXi70U3p-23307199affected
n/aVMware Cloud Foundation5.xaffected
n/aVMware Cloud Foundation4.xaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References