Published: 09/01/2016 Updated: 07/12/2016

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 6.3 | Impact Score: 3.4 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x prior to 11.1.2, VMware Player 7.x prior to 7.1.2, VMware Fusion 7.x prior to 7.1.2, and VMware ESXi 5.0 up to and including 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware player 7.1.1
vmware player 7.0
vmware player 7.1
vmware workstation 11.0
vmware workstation 11.1
vmware workstation 11.1.1
vmware esxi 5.0
vmware esxi 5.1
vmware esxi 6.0
vmware esxi 5.5
vmware fusion 7.1.1
vmware fusion 7.1
vmware fusion 7.0

Patch now: VMware Tools for Windows root holes fixed in update

The Register • Richard Chirgwin • 08 Jan 2016

ESXi, Fusion, Player and Workstation have in-guest privilege escalation bug

VMware sysadmins, get patching: the virtualisation outfit has released updates to its ESXi, Fusion, Player and Workstation software to block out a privilege-escalation vulnerability. The patch applies to VMware Windows Workstation versions before 11.1.2, Player and Fusion versions prior to 7.1.2, and various ESXi versions depending on their patch level: CVE-2015-6933 is a kernel memory corruption vulnerability in the tools' Shared Folders feature that can be exploited by software to escalate its...

CVE-2015-6933

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect