Main Vulnerability Database Vulnerabilities #VU9929

#VU9929 Security restrictions bypass in VMware Fusion and VMware Workstation - CVE-2017-4945

Published: January 10, 2018

Vulnerability identifier: #VU9929

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2017-4945

CWE-ID: CWE-264

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
VMware Fusion
VMware Workstation

Software vendor:
VMware, Inc

Description

The vulnerability allows an adjacent attacker to gain unauthorized access to the target system.

The weakness exists due to insufficient security restrictions. An adjacent attacker can bypass certain security restrictions and gain access to a guest system that may result in further attacks.

Remediation

Install update from vendor's website.

External links

https://www.vmware.com/security/advisories/VMSA-2018-0003.html

#VU9929 Security restrictions bypass in VMware Fusion and VMware Workstation - CVE-2017-4945

Description

Remediation

External links

Please verify you're human