Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Micro 5.5 package open-vm-tools, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2023-34059 — CVSS 7.4 (high): open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges…
CVE-2023-34058 — CVSS 7.1 (high): VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges…
CVE-2025-22247 — CVSS 6.1 (medium): VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may…