CVE-2018-6974

Published: 16/10/2018 Updated: 02/06/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x prior to 14.1.3) and Fusion (10.x prior to 10.1.3) contain an out-of-bounds read vulnerability in the SVGA device. This issue may allow a guest to execute code on the host.

Vulnerable Product

vmware workstation

vmware fusion

vmware esxi 6.0

vmware esxi 6.5

vmware esxi 6.7

Recent Articles

Party like it's 1989... SVGA code bug haunts VMware's house, lets guests flee to host OS
The Register • Richard Chirgwin • 17 Oct 2018

Malicious code in VMs can leap over ESXi, Workstation, Fusion hypervisor security

Get busy, VMware admins and users: the virtualisation virtuoso has patched a programming blunder in ESXi, Workstation Pro and Player, and Fusion and Fusion Pro products that can be exploited by malicious code to jump from guest OS to host machine. The bug, disclosed here, is designated CVE-2018-6974. The out-of-bounds read is present in the products' SVGA video device emulation, and if exploited, allows software within a guest operating system to execute code on the host machine. In other words,...