VMware Workstation and Fusion Critical Security Flaws Fixed

VMware, a leading virtualization technology company, has fixed multiple security vulnerabilities found in VMware Workstation and Fusion products. These flaws, if exploited, could allow attackers to cause a denial of service, obtain sensitive information, and execute arbitrary code. The affected versions are Workstation 17.x and Fusion 13.x, with patches available in versions 17.5.2 and 13.5.2 respectively.

CVE-2024-22267 (CVSS score: 9.3): This is a use-after-free vulnerability in the vbluetooth device which can be exploited by an attacker if they have local administrative privileges on the VM. It allows them to execute code as the VMX process running on the host machine.

CVE-2024-22268 (CVSS score: 7.1): This is a heap buffer-overflow vulnerability in the Shader functionality. An attacker can leverage this to crash the virtual machine (DoS condition).

VMware Workstation and Fusion Critical Security Flaws Fixed

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address

VMware Workstation and Fusion Critical Security Flaws Fixed

30-May-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address