CVE-2022-31699: 
vSphere ESXi Hypervisor vulnerability analysis and mitigation

CVE-2022-31699 is a heap-overflow vulnerability affecting VMware ESXi, discovered and disclosed in December 2022. The vulnerability impacts VMware ESXi versions 7.0, 6.7, and 6.5, with ESXi 8.0 being unaffected. This security flaw was reported by 01dwang & bibi from the Bugab00 team (VMware Advisory).

The vulnerability is classified with a CVSSv3 base score of 4.2, indicating moderate severity. It specifically affects the OpenSLP service in VMware ESXi. The vulnerability exists within a sandbox process where heap overflow conditions can occur. VMware has evaluated this as a moderate severity issue, with the attack complexity being high and requiring local access with restricted privileges (VMware Advisory).

If successfully exploited, this vulnerability allows a malicious local actor with restricted privileges within a sandbox process to achieve partial information disclosure. The impact is limited to information exposure, with no direct system compromise capabilities (NVD, VMware Advisory).

VMware has released patches for affected versions: ESXi70U3si-20841705 for version 7.0, ESXi670-202210101-SG for version 6.7, and ESXi650-202210101-SG for version 6.5. Additionally, VMware recommends disabling the OpenSLP service in ESXi if it is not used, noting that this service is disabled by default starting from ESXi 7.0 U2c and ESXi 8.0 (VMware Advisory).