VMware Tools for Windows (11.x.y before 11.2.6), VMware Remote Console for Windows (12.x before 12.0.1) , VMware App Volumes (2.x before 2.18.10 and 4 before 2103) contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware remote console |
||
vmware app volumes |
||
vmware tools |