Multiple vulnerabilities in Vmware ESXi, Workstation and Fusion
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2019-5518 CVE-2019-5519 |
| CWE-ID | CWE-119 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
VMware Fusion Client/Desktop applications / Virtualization software VMware Workstation Client/Desktop applications / Virtualization software VMware ESXi Operating systems & Components / Operating system |
| Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU22408
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5518
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the virtual USB 1.1 UHCI (Universal Host Controller Interface). An attacker with physical access to a virtual machine with a virtual USB controller present can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsVMware Fusion: 10.0 - 11.0.2
VMware Workstation: 14.0 - 15.0.3
VMware ESXi: 6.0 - 6.7
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0005.html
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Time-of-check Time-of-use (TOCTOU) Race Condition
EUVDB-ID: #VU22409
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5519
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerabity exists due to the Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). An attacker with physical access to a virtual machine with a virtual USB controller present can execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsVMware Fusion: 10.0 - 11.0.2
VMware Workstation: 14.0 - 15.0.3
VMware ESXi: 6.0 - 6.7
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0005.html
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
