Lucene search
K

6 matches found

hivepro
hivepro
added 2024/03/11 9:51 a.m.43 views

Critical VMware Vulnerabilities Leading To Sandbox Escape

Summary: Critical vulnerabilities tracked as CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 have been addressed by Vmware. These vulnerabilities allow attackers to bypass virtual machines and execute commands on the host machine. Workstation, Fusion, Cloud Foundation, and VMwa...

4.6CVSS7.6AI score0.03542EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/03/06 7:20 a.m.62 views

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB...

9.3CVSS7.9AI score0.03542EPSS
Exploits0
Circl
Circl
added 2024/03/05 7:26 p.m.6 views

CVE-2024-22253

creationtimestamp| type| source ---|---|--- 2024-03-05 19:26:24+00:00| seen| https://t.me/ctinow/200608 2024-03-05 19:26:31+00:00| seen| https://t.me/ctinow/200614 2024-03-06 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1240 2024-03-06 09:22:51+00:00| seen|...

9.3CVSS8.9AI score0.00645EPSS
Exploits0References6
CVE
CVE
added 2024/03/05 5:57 p.m.142 views

CVE-2024-22253

CVE-2024-22253 is a use-after-free in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with local VM admin privileges can exploit it to execute code as the VMX process on the host; on ESXi this is contained within the VMX sandbox, while Workstation/Fusion ...

9.3CVSS9.5AI score0.00645EPSS
Exploits0References1Affected Software3
Vulnrichment
Vulnrichment
added 2024/03/05 5:57 p.m.26 views

CVE-2024-22253 Use-after-free vulnerability

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS7.7AI score0.00645EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/05 5:57 p.m.30 views

CVE-2024-22253 Use-after-free vulnerability

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS9.7AI score0.00645EPSS
Exploits0References1
Rows per page
Query Builder