“Given the prevalence of attacks targeting VMware vulnerabilities and a forthcoming proof-of-concept, organizations need to make patching CVE-2022-31656 a priority. As an authentication bypass, exploitation of this flaw opens up the possibility that attackers could create very troubling exploit chains. In this same release, VMware patched three authenticated flaws that could be paired with CVE-2022-31656 to achieve remote code execution.
“Now that there is a publicly available proof-of-concept code, exploitation of this vulnerability becomes much more likely. Attackers prefer to leverage these sorts of public exploits just for the simplicity and ease of adoption, particularly with vulnerabilities that can be chained to achieve full system compromise. The researcher’s technical breakdown shows how similar CVE-2022-31656 is to CVE-2022-22972. The new PoC just skips over the filter put in place to address CVE-2022-22972.” — Claire Tills, Senior Research Engineer, Tenable