VMware Security Vulnerabilities Leads to Code Execution and Cause DoS Condition
Vmware fixed multiple security vulnerabilities that may lead to code execution, information disclosure and DoS condition with normal user privileges.
Products Affected
- VMware vSphere ESXi (ESXi)
- VMware Workstation Pro / Player (Workstation)
- VMware Fusion Pro / Fusion (Fusion)
The Out-of-bounds read/write vulnerabilities resides in the pixel shader functionality of the VMware ESXi, Workstation and Fusion, the vulnerability can be tracked as
- CVE-2019-5521 – Out-of-bounds read vulnerability – CVSSv3 = 6.3-7.7
- CVE-2019-5684 – Out-of-bounds write vulnerability – CVSSv3 = 8.5
Vulnerability Exploitation
To exploit the vulnerability an attacker could have access to the virtual machine with 3D graphics enabled. By default, it is enabled with Workstation Pro and Fusion Pro.
The Out-of-bounds read vulnerability allows attackers to read sensitive information from other memory locations. This may lead to information disclosure and an attacker could cause DoS attack condition with normal user privileges.
The out-of-bounds writes data past the end, or before the beginning, this vulnerability can be exploited only if the host has an affected NVIDIA graphics driver. Successful exploitation of the attack allows an attacker to executed code on the host.
How to Address the issue
The vulnerability can be addressed by updating to the latest version of the product and the workaround is by disabling the 3D-acceleration feature.
- VMware vSphere ESXi (ESXi) (ESXi670-201904101-SG, ESXi650-201903001)
- VMWare Fusion (10.1.6, 11.0.3)
- VMWare Workstation (14.1.6, 15.0.3)
This post VMware Security Vulnerabilities Leads to Code Execution and Cause DoS Condition originally appeared on GB Hackers.
