Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 05/03/2024 Updated: 05/03/2024

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.

VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion

BleepingComputer • Bill Toulas • 06 Mar 2024

VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion By Bill Toulas March 6, 2024 10:39 AM 3 VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system. These types of flaws are critical as they could permit attackers to gain unauthorized access to the host system where a hypervisor is installed or acces...

CVE-2024-22253

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect