CVE-2026-22722
Received
Received - Intake
Null Pointer Dereference in Windows Workstation via Authenticated User
Publication date: 2026-02-26
Last updated on: 2026-02-26
Assigner: VMware
Description
Description
A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix'
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vmware | workstation | From 3.2.4 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves a null pointer dereference error that can be triggered by a malicious actor who has authenticated user privileges on a Windows-based Workstation host.
How can this vulnerability impact me? :
Exploitation of this vulnerability can cause a denial of service condition by crashing the affected system or application, as indicated by the null pointer dereference error leading to high impact on availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
To remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix'.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70