6 matches found
Critical VMware Vulnerabilities Leading To Sandbox Escape
Summary: Critical vulnerabilities tracked as CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 have been addressed by Vmware. These vulnerabilities allow attackers to bypass virtual machines and execute commands on the host machine. Workstation, Fusion, Cloud Foundation, and VMwa...
VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB...
CVE-2024-22253
creationtimestamp| type| source ---|---|--- 2024-03-05 19:26:24+00:00| seen| https://t.me/ctinow/200608 2024-03-05 19:26:31+00:00| seen| https://t.me/ctinow/200614 2024-03-06 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1240 2024-03-06 09:22:51+00:00| seen|...
CVE-2024-22253
CVE-2024-22253 is a use-after-free in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with local VM admin privileges can exploit it to execute code as the VMX process on the host; on ESXi this is contained within the VMX sandbox, while Workstation/Fusion ...
CVE-2024-22253 Use-after-free vulnerability
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...
CVE-2024-22253 Use-after-free vulnerability
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...