Tuesday, October 15, 2024
HomeCyber Security NewsVMware Security Vulnerabilities Leads to Code Execution and Cause DoS Condition

VMware Security Vulnerabilities Leads to Code Execution and Cause DoS Condition

Published on

Malware protection

Vmware fixed multiple security vulnerabilities that may lead to code execution, information disclosure and DoS condition with normal user privileges.

Products Affected

  • VMware vSphere ESXi (ESXi)
  • VMware Workstation Pro / Player (Workstation)
  • VMware Fusion Pro / Fusion (Fusion)

Vmware Security Vulnerabilities

The Out-of-bounds read/write vulnerabilities resides in the pixel shader functionality of the VMware ESXi, Workstation and Fusion, the vulnerability can be tracked as

  • CVE-2019-5521 – Out-of-bounds read vulnerability – CVSSv3 = 6.3-7.7
  • CVE-2019-5684 – Out-of-bounds write vulnerability – CVSSv3 = 8.5

Vulnerability Exploitation

To exploit the vulnerability an attacker could have access to the virtual machine with 3D graphics enabled. By default, it is enabled with Workstation Pro and Fusion Pro.

- Advertisement - SIEM as a Service

The Out-of-bounds read vulnerability allows attackers to read sensitive information from other memory locations. This may lead to information disclosure and an attacker could cause DoS attack condition with normal user privileges.

The out-of-bounds writes data past the end, or before the beginning, this vulnerability can be exploited only if the host has an affected NVIDIA graphics driver. Successful exploitation of the attack allows an attacker to executed code on the host.

How to Address the issue

The vulnerability can be addressed by updating to the latest version of the product and the workaround is by disabling the 3D-acceleration feature.

  • VMware vSphere ESXi (ESXi) (ESXi670-201904101-SG, ESXi650-201903001)
  • VMWare Fusion (10.1.6, 11.0.3)
  • VMWare Workstation (14.1.6, 15.0.3)

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Allegedly Selling Data Stolen from Cisco

A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc.The...

Fortigate SSLVPN Vulnerability Exploited in the Wild

A critical vulnerability in Fortinet's FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in...

Splunk Enterprise Vulnerabilities let Attackers Execute Remote Code

Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to...

OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Hackers Allegedly Selling Data Stolen from Cisco

A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc.The...

Fortigate SSLVPN Vulnerability Exploited in the Wild

A critical vulnerability in Fortinet's FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in...

Splunk Enterprise Vulnerabilities let Attackers Execute Remote Code

Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to...