Lucene search

Kaspersky LabKLA64629

HistoryFeb 27, 2024 - 12:00 a.m.

KLA64629 OSI vulnerability in VMWare Workstation

2024-02-2700:00:00

Kaspersky Lab

threats.kaspersky.com

vmware

workstation

vulnerability

out of bounds read

malicious users

sensitive information

update

vmsa-2024-0005

osi

5.9 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Out of bounds read vulnerability was found in VMWare Workstation. Malicious users can exploit this vulnerability to obtain sensitive information.

Original advisories

VMSA-2024-0005

Related products

VMware-Workstation

CVE list

CVE-2024-22251 unknown

Solution

Update to the latest version

Download VMware Workstation

Impacts

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Affected Products

VMware Workstation 17.x earlier than 17.5.1

References

statistics.securelist.com/

threats.kaspersky.com/en/product/VMware-Workstation/

www.vmware.com/security/advisories/VMSA-2024-0005.html

5.9 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for KLA64629