SB2018011018 - Privilege escalation in VMware Fusion and Workstation
Published: January 10, 2018
Security Bulletin ID
SB2018011018
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Adjecent network
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Privilege escalation (CVE-ID: CVE-2017-4949)
CWE-ID: CWE-416 - Use After Free
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an adjacent attacker to gain elevated privileges on the target system.
The weakness exists on the systems with IPv6 mode enabled due to use-after-free memory error in the VMware NAT service. An adjacent attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
2) Privilege escalation (CVE-ID: CVE-2017-4950)
CWE-ID: CWE-190 - Integer overflow
CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows an adjacent attacker to gain elevated privileges on the target system.
The weakness exists on the systems with IPv6 mode enabled due to integer overflow in the VMware NAT service. An adjacent attacker can trigger memory corruption and execute arbitrary code with elevated privileges.
Remediation
Install update from vendor's website.