VMware Tools for Windows update addresses Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
By JM Lopez
VMware released security advisory VMSA-2023-0013 with Low severity affecting VMware Tools for Windows.
The fix is available in VMware Tools for Windows v12.2.5 in the VSS-Windows Content Library as Item VMware-Tools-windows-12.2.5-21855600.iso. Please, use the VSS Portal or the VSS CLI to mount the ISO and Install the patched version.
How-To Remediate
Windows
ITS Private Cloud CLI
Mount the VMware Tools ISO
VMware-Tools-windows-12.2.5-21855600with thevss-cli:vss-cli compute vm set <id> cd up --backing VMware-Tools-windows-12.2.5-21855600 1Proceed with the installation in the OS.
ITS Private Cloud Portal
Login to the
https://cloud-portal.eis.utoronto.caLook for your VM and click on the
Editbutton.Mount the VMWare Tools ISO
VMware-Tools-windows-12.2.5-21855600.Proceed with the installation in the OS.
References
, multiple selections available,
Related content
VMware Tools for Windows update addresses an authentication bypass vulnerability (CVE-2025-22230)
VMware Tools for Windows update addresses an authentication bypass vulnerability (CVE-2025-22230)
More like this
How-to Install VMware Tools on Windows Based Virtual Machines
How-to Install VMware Tools on Windows Based Virtual Machines
More like this
How-to Verify VMware Tools version
How-to Verify VMware Tools version
More like this
How-to Install Open VMware Tools (open-vm-tools) on *nix Guest Operating Systems
How-to Install Open VMware Tools (open-vm-tools) on *nix Guest Operating Systems
More like this
How-to Upgrade a virtual machine to the latest supported hardware version
How-to Upgrade a virtual machine to the latest supported hardware version
More like this
Virtual Machines (VMs) behaving abnormally after Storage Incident
Virtual Machines (VMs) behaving abnormally after Storage Incident
More like this
University of Toronto - Since 1827