Published: 20/09/2019 Updated: 23/09/2019

CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8

CVSS v3 Base Score: 9.6 | Impact Score: 5.8 | Exploitability Score: 3.1

VMScore: 490

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x prior to 15.0.3 and 14.x prior to 14.1.6) and Fusion (11.x prior to 11.0.3 and 10.x prior to 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on the host. Exploitation of this issue require an malicious user to have access to a virtual machine with 3D graphics enabled. It is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware workstation
vmware esxi 6.5
vmware esxi 6.7
vmware fusion

Your mid-week infosec news bonanza: Cisco bugs, VMware-Nvidia guest escapes, KDE hijacking, and more

The Register • Shaun Nichols in San Francisco • 07 Aug 2019

Including: Microsoft spins up Azure security lab, offers more bug bounty cash

Roundup Before letting the IT staff clock out early for summer, make sure they read up on the following security notices out this week. Organizations using Cisco Small Business 220 Series switches should make sure the firmware on the device is up-to-date with today's update from the networking box maker. Switchzilla says the SMB switches are host to the following three serious flaws that could allow an attacker to remotely upload files to, execute code on, and inject commands into a vulnerable s...

CVE-2019-5521

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect