Insufficient Control Flow Management in Ethernet 500 Series Controller drivers for VMware and Ethernet 700 Series Controller drivers for VMWare - CVE-2022-21793
Published: August 15, 2022
Vulnerability identifier: #VU66487
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-21793
CWE-ID: CWE-691
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
Ethernet 500 Series Controller drivers for VMware
Ethernet 700 Series Controller drivers for VMWare
Ethernet 500 Series Controller drivers for VMware
Ethernet 700 Series Controller drivers for VMWare
Detailed vulnerability description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient control flow management. A local user can cause a denial of service condition on the target system.
How to mitigate CVE-2022-21793
Install updates from vendor's website.