vulnerability

VMSA-2022-0020: Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities (CVE-2022-28693)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:M/Au:S/C:C/I:N/A:N)	Aug 9, 2022	Aug 9, 2022	Oct 7, 2025

Severity

CVSS

(AV:L/AC:M/Au:S/C:C/I:N/A:N)

Published

Aug 9, 2022

Added

Aug 9, 2022

Modified

Oct 7, 2025

Description

Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Solutions

vmware-esxi65-upgrade-19997716vmware-esxi67-upgrade-19997733vmware-esxi700-upgrade-20036589vmware-esxi701-upgrade-20036589vmware-esxi702-upgrade-20036589vmware-esxi703-upgrade-20036589

References

CVE-2022-28693
https://attackerkb.com/topics/CVE-2022-28693
CWE-420
URL-http://www.vmware.com/security/advisories/VMSA-2022-0020.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today