VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x prior to 15.5.2), and Fusion (11.x prior to 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor's memory. Additional conditions beyond the attacker's control need to be present for exploitation to be possible.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware esxi 6.5 |
||
vmware esxi 6.7 |
||
vmware fusion |
||
vmware workstation |
||
vmware cloud foundation |
||
vmware esxi 7.0.0 |