Identify VMs that have VMware Tools with the OpenSSL v3 vulnerability

In OpenSSL version 3.0.0 to 3.0.6, a critical vulnerability is found (link ). A lot of vendors use these versions of OpenSSL in their products. VMware has the following statement:

To date, no VMware products have been found to be critically impacted by CVE-2022-3602 or CVE-2022-3786. Regardless, VMware products that consume OpenSSL 3.0.x will consume 3.0.7 fixes as a precautionary measure in upcoming releases.

VMware Tools version 12.0.0 and 12.1.0 both contain the OpenSSL 3.0.x version.

VMware ToolsOpenSSL version
12.0.03.0.0
12.1.03.0.3

To quickly identify what VMs have the OpenSSL 3 vulnerability present you can use PowerCLI. The following script identifies all VMware Tools 12 versions and higher:

$vcserver = 'the FQDN of the vCenter Server name'
Connect-VIServer $vcserver
Get-VM | Where-Object {$_.Guest.ToolsVersion -ge '12.0.0'} | Select -property Name,PowerState,@{Name='Toolsversion';Expression={$_.Guest.Toolsversion}} | Sort Toolsversion
Disconnect-VIServer * -Confirm:$false

The results can be exported to a CSV file by adding the following line after the Sort ToolsVersion

export-csv c:\temp\vmwtools.csv -notypeinformation

OpenSSL v3.0.7 is released. This version will fix the critical vulnerability. The NCSC has a GitHub page (Link ) with software that is affected. Now it is time for VMware to release an updated version of VMware Tools that included the new OpenSSL version

Update: November 29, 2022

VMware Tools 12.1.5 is released. This is a maintenance release of VMware Tools to provide fixes for critical product issues and security issues:

  • Updated OpenSSL to 3.0.7
  • Updated zlib to 1.2.12 with additional fixes
  • Updated GLib to 2.56.3 with additional fixes
  • Updated libxml2 to 2.10.2
  • This release resolves CVE-2022-31693. For more information on this vulnerability and its impact on VMware products, see https://www.VMware.com/security/advisories/VMSA-2022-0029.html .

The download location can be found here .