VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstation 14.1.0 and Fusion 10.1.0 by default.
[
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "14.x"
},
{
"status": "affected",
"version": "12.x"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "10.x"
},
{
"status": "affected",
"version": "8.x"
}
]
}
]