Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.VMWARE_VMSA-2019-0012.NASL
HistoryAug 12, 2019 - 12:00 a.m.

VMSA-2019-0012 : Out-of-bounds pixel shader vulnerabilities

2019-08-1200:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H

9.7 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

85.6%

JSON

Pixel shader vulnerabilities

VMware ESXi, Workstation and Fusion contain out-of-bounds read/write vulnerabilities in the pixel shader functionality.

Exploitation of these issues require an attacker to have access to a virtual machine with 3D graphics enabled. It is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.

Successful exploitation of the out-of-bounds read issue (CVE-2019-5521) may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on the host.

The out-of-bounds write issue (CVE-2019-5684) can be exploited only if the host has an affected NVIDIA graphics driver. Successful exploitation of this issue may lead to code execution on the host.
Customers should check NVIDIA security advisory for additional information.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from VMware Security Advisory 2019-0012. 
# The text itself is copyright (C) VMware Inc.
#

include('compat.inc');

if (description)
{
  script_id(127807);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/06");

  script_cve_id("CVE-2019-5521", "CVE-2019-5684");
  script_xref(name:"VMSA", value:"2019-0012");

  script_name(english:"VMSA-2019-0012 : Out-of-bounds pixel shader vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote VMware ESXi host is missing one or more security-related
patches.");
  script_set_attribute(attribute:"description", value:
"Pixel shader vulnerabilities

VMware ESXi, Workstation and Fusion contain out-of-bounds read/write
vulnerabilities in the pixel shader functionality.

Exploitation of these issues require an attacker to have access to a
virtual machine with 3D graphics enabled. It is not enabled by default
on ESXi and is enabled by default on Workstation and Fusion.

Successful exploitation of the out-of-bounds read issue
(CVE-2019-5521) may lead to information disclosure or may allow
attackers with normal user privileges to create a denial-of-service
condition on the host.

The out-of-bounds write issue (CVE-2019-5684) can be exploited only if
the host has an affected NVIDIA graphics driver. Successful
exploitation of this issue may lead to code execution on the host.
Customers should check NVIDIA security advisory for additional
information.");
  script_set_attribute(attribute:"see_also", value:"http://lists.vmware.com/pipermail/security-announce/2019/000464.html");
  script_set_attribute(attribute:"solution", value:
"Apply the missing patches.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5684");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/08/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:6.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:6.7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"VMware ESX Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version");
  script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs");

  exit(0);
}


include("audit.inc");
include("vmware_esx_packages.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi");
if (
  !get_kb_item("Host/VMware/esxcli_software_vibs") &&
  !get_kb_item("Host/VMware/esxupdate")
) audit(AUDIT_PACKAGE_LIST_MISSING);


init_esx_check(date:"2019-08-02");
flag = 0;


if (esx_check(ver:"ESXi 6.5", vib:"VMware:esx-base:6.5.0-2.83.13004031")) flag++;
if (esx_check(ver:"ESXi 6.5", vib:"VMware:esx-tboot:6.5.0-2.83.13004031")) flag++;
if (esx_check(ver:"ESXi 6.5", vib:"VMware:vsan:6.5.0-2.83.12559347")) flag++;
if (esx_check(ver:"ESXi 6.5", vib:"VMware:vsanhealth:6.5.0-2.83.12559353")) flag++;

if (esx_check(ver:"ESXi 6.7", vib:"VMware:esx-base:6.7.0-1.44.12986307")) flag++;
if (esx_check(ver:"ESXi 6.7", vib:"VMware:esx-update:6.7.0-1.44.12986307")) flag++;
if (esx_check(ver:"ESXi 6.7", vib:"VMware:vsan:6.7.0-1.44.11399678")) flag++;
if (esx_check(ver:"ESXi 6.7", vib:"VMware:vsanhealth:6.7.0-1.44.11399680")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
vmwareesxi6.5cpe:/o:vmware:esxi:6.5
vmwareesxi6.7cpe:/o:vmware:esxi:6.7

Related

kaspersky 1
nessus 3
vmware 1
talosblog 1
cvelist 2
cve 2
prion 2
nvd 2
nvidia 1
ibm 1
lenovo 2
hp 1
kaspersky
kaspersky
KLA12118 Multiple vulnerabilities in VMware Workstation and Player
2019-08-02 00:00:00
nessus
nessus
VMware Workstation 14.0.x < 14.1.6 / 15.0.x < 15.0.3 Pixel Shader out-of-bounds read/write vulnerabilities (VMSA-2019-0012)
2019-08-12 00:00:00
VMware Fusion 10.0.x < 10.1.6 / 11.0.x < 11.0.3 Pixel Shader out-of-bounds read/write vulnerabilities (VMSA-2019-0012)
2019-08-12 00:00:00
ESXi 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0012)
2019-08-20 00:00:00
vmware
vmware
VMware ESXi, Workstation and Fusion updates address out-of-bounds read/write vulnerabilities (CVE-2019-5521, CVE-2019-5684)
2019-08-02 00:00:00
talosblog
talosblog
Vulnerability Spotlight: Multiple vulnerabilities in NVIDIA Windows GPU Display Driver, VMware ESXi, Workstation and Fusion
2019-08-05 09:01:13
cvelist
cvelist
CVE-2019-5521
2019-09-20 18:00:52
CVE-2019-5684
2019-08-06 19:48:29
cve
cve
CVE-2019-5521
2019-09-20 18:15:10
CVE-2019-5684
2019-08-06 20:15:12
prion
prion
Out-of-bounds
2019-09-20 18:15:00
Design/Logic Flaw
2019-08-06 20:15:00
nvd
nvd
CVE-2019-5521
2019-09-20 18:15:10
CVE-2019-5684
2019-08-06 20:15:12
nvidia
nvidia
Security Bulletin: NVIDIA GPU Display Driver - August 2019
2019-08-02 00:00:00
ibm
ibm
Security Bulletin: NVIDIA Windows GPU Display Driver has resolved several security vulnerabilities as described below.
2020-06-25 18:24:42
lenovo
lenovo
NVIDIA Windows GPU Display Driver Vulnerabilities - Lenovo Support US
2019-08-06 22:27:07
NVIDIA Windows GPU Display Driver Vulnerabilities - Lenovo Support US
2019-08-06 22:27:07
hp
hp
HPSBHF03645 rev. 3 - NVIDIA GPU Display Driver Vulnerabilities 2019
2019-12-16 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H

9.7 High

AI Score

Confidence

High

0.013 Low

EPSS

Percentile

85.6%

JSON
Related for VMWARE_VMSA-2019-0012.NASL
kaspersky1nessus3vmware1talosblog1cvelist2cve2prion2nvd2nvidia1ibm1lenovo2hp1