VMware Patches Severe Security Flaws in Workstation and Fusion Products

Avatar
Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances. The four vulnerabilities impact Workstation versions 17.x and Fusion versions 13.x, with fixes available in version 17.5.2 and
[[{“value”:”

Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances.

The four vulnerabilities impact Workstation versions 17.x and Fusion versions 13.x, with fixes available in version 17.5.2 and 13.5.2, respectively, the Broadcom-owned virtualization services provider said.

A brief description of each of the flaws is below –

CVE-2024-22267 (CVSS score: 9.3) – A use-after-free vulnerability in the Bluetooth device that could be exploited by a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine’s VMX process running on the host
CVE-2024-22268 (CVSS score: 7.1) – A heap buffer-overflow vulnerability in the Shader functionality that could be exploited by a malicious actor with non-administrative access to a virtual machine with 3D graphics enabled to create a DoS condition
CVE-2024-22269 (CVSS score: 7.1) – An information disclosure vulnerability in the Bluetooth device that could be exploited by a malicious actor with local administrative privileges on a virtual machine to read privileged information contained in hypervisor memory from a virtual machine
CVE-2024-22270 (CVSS score: 7.1) – An information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality that could be exploited by a malicious actor with local administrative privileges on a virtual machine to read privileged information contained in hypervisor memory from a virtual machine

As temporary workarounds until the patches can be deployed, users are advised to turn off the Bluetooth support on the virtual machine and disable 3D acceleration feature. There are no mitigations that address CVE-2024-22270 other than updating to the latest version.

It’s worth noting that CVE-2024-22267, CVE-2024-22269, and CVE-2024-22270 were originally demonstrated by STAR Labs SG and Theori at the Pwn2Own hacking contest held in Vancouver earlier this March.

The advisory comes more than two months after the company released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws (CVE-2024-22252 and CVE-2024-22253, CVSS scores: 9.3/8.4)that could lead to code execution.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

Next Post

Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days

Related Posts

APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage

Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls. What’s more, a typical enterprise site saw an average of 1.5 billion API
Avatar
Read More

Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware

North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to the victim workstation by exploiting the exposed setup wizard
Avatar
Read More