## https://sploitus.com/exploit?id=SAINT:EE84144729029592A2299C421448AC44
Added: 10/31/2022
### Background
[VMware Cloud Foundation](<https://www.vmware.com/products/cloud-foundation.html>) is a hybrid cloud platform.
### Problem
An XStream deserialization vulnerability in the NSM Manager component of VMware Cloud Foundation (NSX-V) allows a remote attacker to execute arbitrary commands.
### Resolution
Apply the patch referenced in [VMSA-2022-0027](<https://www.vmware.com/security/advisories/VMSA-2022-0027.html>).
### References
<https://www.vmware.com/security/advisories/VMSA-2022-0027.html>
<https://srcincite.io/blog/2022/10/25/eat-what-you-kill-pre-authenticated-rce-in-vmware-nsx-manager.html>