VMware has recently patched numerous bugs across multiple products. The most notable is a critical guest-to-host vulnerability affecting VMware Workstation Pro.
VMware Patched Critical Vulnerability
Reportedly, a critical security vulnerability in VMware Workstation Pro affected guest-to-host interaction. Specifically, the flaw allowed guest apps to execute commands on the host.
Sharing the details in an advisory, VMware elaborated that a critical use-after-free vulnerability (CVE-2020-3947) existed in Workstation and Fusion products.
VMware Workstation and Fusion contain a use-after vulnerability in vmnetdhcp…
Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine.
The vendor labeled it a critical-severity bug with a CVSS score of 9.3.
The bug first caught the attention of a Trend Micro ZDI researcher, who then reported the matter to VMware. VMware has since fixed the flaw with the release of VMware Workstation v.15.5.2 and VMware Fusion v.11.5.2.
Other VMware Fixes
Alongside the above, the vendor also fixed two other vulnerabilities in its products.
The first of these is an important-severity local privilege escalation vulnerability in Cortado Thinprint (CVE-2020-3948). Affecting VMware Workstation and Fusion, the vulnerability allowed local attackers to elevate privileges on a Linux guest VM.
This bug has a CVSS score of 7.8, and the vendor has fixed it with the release of Workstation v.15.5.2 and Fusion v.11.5.2.
The other is also an important-severity privilege escalation flaw (CVE-2019-5543), with a CVSS score of 7.3. The bug existed in VMware Horizon Client for Windows, VMRC for Windows and Workstation for Windows, allowing exploitation by local attackers. The vendor fixed the flaw with the release of Horizon Client for Windows v.5.3.0, VMRC for Windows v.11.0.0, and Workstation for Windows v.15.5.2.
Users must ensure they upgrade to the latest patched versions to stay safe from potential exploitation.