Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2019-11135 CVE-2018-12207 |
CWE-ID | CWE-399 CWE-119 |
Exploitation vector | Local network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
VMware Fusion Client/Desktop applications / Virtualization software VMware Workstation Client/Desktop applications / Virtualization software VMware ESXi Operating systems & Components / Operating system |
Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU22704
Risk: Low
CVSSv3.1: 5.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-11135
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the TSX Asynchronous Abort (TAA) in Intel CPUs. The TAA condition, on some microprocessors utilizing speculative execution, may allow an authenticated user to potentially enable information disclosure via a side channel. MitigationInstall the following updates:
ESXi 6.7 Patch Release ESXi670-201911001
ESXi 6.5 Patch Release ESXi650-201911001
ESXi 6.0 Patch Release ESXi600-201911001
VMware Workstation 15.5.1
VMware Fusion 11.5.1
VMware Fusion: 11.0.0 - 11.5.0
VMware Workstation: 15.0.0 - 15.5.0
VMware ESXi: 6.0 - 6.7
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0020.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU22712
Risk: Low
CVSSv3.1: 4.2 [CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12207
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the mechanism responsible for error handling on some Intel platforms. A local user of a guest operating system can use a specially crafted application to trigger memory corruption and cause the host system to stop responding.
Successful exploitation of this vulnerability may result in a denial of service (DoS) attack.
Below is the list of processor families that are affected by this vulnerability:
Client:
Server:
Install the following updates:
ESXi 6.7 Patch Release ESXi670-201911001
ESXi 6.5 Patch Release ESXi650-201911001
ESXi 6.0 Patch Release ESXi600-201911001
VMware Workstation 15.5.1
VMware Fusion 11.5.1
VMware Fusion: 11.0.0 - 11.5.0
VMware Workstation: 15.0.0 - 15.5.0
VMware ESXi: 6.0 - 6.7
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.