VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x prior to 15.0.4, 14.x prior to 14.1.7), Fusion (11.x prior to 11.0.3, 10.x prior to 10.1.6) contain an out-of-bounds read/write vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an malicious user to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware esxi 6.0 |
||
vmware esxi 6.5 |
||
vmware esxi 6.7 |
||
vmware workstation |
||
vmware fusion |