"VMware NSX Data Center Flaw Can Expose Virtual Systems to Attacks"

VMware has released a patch for a high-severity vulnerability discovered in NSX Data Center for vSphere. It affects the NSX Edge appliance component, a virtual router placed at the edge of the tenant network that enables communication between virtual data centers and the outside world. The vulnerability, tracked as CVE-2022-22945, has been given a CVSS score of 8.8. Its exploitation could allow an attacker to remotely execute arbitrary operating system commands as root. In addition to gaining unrestricted access to the underlying operating system, exploiting the vulnerability could enable an attacker to install malware on the virtual device and gain network access to virtual servers, including for network traffic capture and man-in-the-middle (MITM) attacks. This article continues to discuss the patching, potential exploitation, and impact of the VMware NSX vulnerability.

Security Week reports "VMware NSX Data Center Flaw Can Expose Virtual Systems to Attacks"