Lucene search: Vmware (most viewed)

548 matches found

VMware • added 2012/04/12 12:0 a.m. • 34 views

VMware hosted products and ESXi/ESX patches address privilege escalation

a. VMware Tools Incorrect Folder Permissions Privilege Escalation The access control list of the VMware Tools folder is incorrectly set. Exploitation of this issue may lead to local privilege escalation on Windows-based Guest Operating Systems. VMware would like to thank Tavis Ormandy for reporting...

CVSS 8.3 • AI score 1.8 • EPSS 0.01719
Exploits 1 • References 1 • Affected Software 5
VMware • added 2010/02/16 12:0 a.m. • 34 views

VMSA-2010-0003.1 ESX Service Console update for net-snmp

a. Service Console package net-snmp updated This patch updates the service console package for net-snmp, net-snmp-utils, and net-snmp-libs to version net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a divide-by-zero flaw in the snmpd daemon. A remote attacker could issue a specially crafted...

CVSS 5 • AI score 2.9 • EPSS 0.04926
Exploits 1 • References 1 • Affected Software 1
VMware • added 2009/01/30 12:0 a.m. • 34 views

ESX patches address an issue loading corrupt virtual disks and update Service Console packages

a. Loading a corrupt delta disk may cause ESX to crash If the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be us...

CVSS 10 • AI score 0.2 • EPSS 0.04926
Exploits 2 • References 4 • Affected Software 2
VMware • added 2023/06/20 12:0 a.m. • 33 views

VMSA-2023-0014: VMware vCenter Server updates address multiple memory corruption vulnerabilities

Advisory ID: VMSA-2023-0014 CVSSv3 Range: 5.9 - 8.1 Issue Date: 2023-06-22 Updated On: 2023-06-22 Initial Advisory CVEs: CVE-2023-20892, CVE-2023-20893, CVE-2023-20894, CVE-2023-20895, CVE-2023-20896 Synopsis: VMware vCenter Server updates address multiple memory corruption vulnerabilities...

CVSS 9.8 • AI score 9.1 • EPSS 0.33945
Exploits 0 • References 49 • Affected Software 2
VMware • added 2021/07/13 12:0 a.m. • 33 views

VMware ThinApp update addresses a DLL hijacking vulnerability (CVE-2021-22000)

3. VMware ThinApp update addresses a DLL hijacking vulnerability CVE-2021-22000 VMware ThinApp contains a DLL hijacking vulnerability due to insecure loading of DLLs. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.8...

CVSS 6.9 • AI score 7.6 • EPSS 0.00563
Exploits 2 • References 4 • Affected Software 1
VMware • added 2021/05/11 12:0 a.m. • 33 views

VMware Workspace ONE UEM console patches address a cross-site scripting vulnerability (CVE-2021-21990)

3. Cross Site Scripting (XSS) vulnerability in VMware Workspace ONE UEM console CVE-2021-21990 VMware Workspace ONE UEM console does not validate an incoming request during device enrollment. VMware has evaluated the severity of this issue to be in the low severity range with a maximum CVSSv3 base...

CVSS 4.3 • AI score 6.1 • EPSS 0.00796
Exploits 1 • References 19 • Affected Software 1
VMware • added 2020/09/14 12:0 a.m. • 33 views

VMware Workstation, Fusion and Horizon Client updates address multiple security vulnerabilities (CVE-2020-3980, CVE-2020-3986, CVE-2020-3987, CVE-2020-3988, CVE-2020-3989, CVE-2020-3990)

3a. PATH configuration privilege escalation vulnerability CVE-2020-3980 VMware Fusion contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3...

CVSS 3.7 • AI score 5.8 • EPSS 0.00324
Exploits 0 • References 18 • Affected Software 3
VMware • added 2019/03/28 12:0 a.m. • 33 views

VMware ESXi, Workstation and Fusion updates address multiple security issues.

a. VMware ESXi, Workstation and Fusion UHCI out-of-bounds read/write and TOCTOU vulnerabilities VMware ESXi, Workstation and Fusion contain an out-of-bounds read/write vulnerability and a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interfac...

CVSS 9 • AI score 0.9 • EPSS 0.04236
Exploits 0 • References 5 • Affected Software 3
VMware • added 2018/01/10 12:0 a.m. • 33 views

VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Remediation for speculative execution issue

New speculative-execution control mechanism for Virtual Machines Updates of vCenter Server, ESXi, Workstation and Fusion virtualize the new speculative-execution control mechanism for Virtual Machines (VMs). As a result, a patched Guest Operating System (Guest OS) can remediate the Branch Target...

CVSS 6.9 • AI score 6.5 • EPSS 0.74041
Exploits 8 • References 5 • Affected Software 4
VMware • added 2017/11/16 12:0 a.m. • 33 views

VMware Workstation, Fusion and Horizon View Client updates resolve multiple security vulnerabilities

a. Heap buffer-overflow vulnerability in VMNAT device VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host. VMware would like to thank Jun Mao of Tencent PC Manager working with Trend Micro's Zero Day...

CVSS 7.2 • AI score 1.6 • EPSS 0.0134
Exploits 0 • References 20 • Affected Software 3
VMware • added 2016/06/12 12:0 a.m. • 33 views

VMSA-2016-0009: VMware vCenter Server updates address an HIGH reflected cross-site scripting issue

VMSA-2016-0009 VMware vCenter Server updates address an important reflected cross-site scripting issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0009 VMware Security Advisory Synopsis: VMware vCenter Server updates address an important reflected cross-site scripting...

CVSS 6.1 • AI score 6.4 • EPSS 0.00765
Exploits 0 • References 5 • Affected Software 1
VMware • added 2015/04/02 12:0 a.m. • 33 views

VMware product updates address critical information disclosure issue in JRE.

a. Oracle JRE Update Oracle JRE is updated in VMware products to address a critical security issue that existed in earlier releases of Oracle JRE. VMware products running JRE 1.7 Update 75 or newer and JRE 1.6 Update 91 or newer are not vulnerable to CVE-2014-6593, as documented in the Oracle Jav...

CVSS 4 • AI score 5.3 • EPSS 0.67234
Exploits 5 • References 2 • Affected Software 21
VMware • added 2015/01/27 12:0 a.m. • 33 views

VMSA-2015-0002: VMware vSphere Data Protection product update addresses a certificate validation vulnerability.

VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2015-0002 VMware Security Advisory Synopsis: VMware vSphere Data Protection product update addresses a certificate...

CVSS 4.3 • AI score 6.3 • EPSS 0.0062
Exploits 0 • References 5 • Affected Software 1
VMware • added 2013/10/17 12:0 a.m. • 33 views

VMware vSphere updates address multiple vulnerabilities

a. VMware ESXi and ESX contain a vulnerability in hostd-vmdb. To exploit this vulnerability, an attacker must intercept and modify the management traffic. Exploitation of the issue may lead to a Denial of Service of the hostd-vmdb service. To reduce the likelihood of exploitation, vSphere...

CVSS 7.1 • AI score 2.2 • EPSS 0.02023
Exploits 0 • References 2 • Affected Software 4
VMware • added 2013/05/30 12:0 a.m. • 33 views

VMware ESX patch address security issues

a. Service Console update for sudo The service console package sudo is updated to version 1.7.2p1-14.el58.3 The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2012-2337 and CVE-2012-3440 to the issue addressed in this update. Column 4 of the following table lis...

CVSS 7.2 • AI score 4.4 • EPSS 0.00435
Exploits 1 • References 2 • Affected Software 1
VMware • added 2012/12/20 12:0 a.m. • 33 views

VMware security updates for vCSA, vCenter Server, and ESXi

a. vCenter Server Appliance directory traversal The vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. VMware would like...

CVSS 7.8 • AI score 4.4 • EPSS 0.08073
Exploits 10 • References 13 • Affected Software 3
VMware • added 2009/06/30 12:0 a.m. • 33 views

ESX Service Console update for krb5

a. Service Console package krb5 update Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. An input validation flaw in the asn1_decode_generaltime function in MIT Kerberos 5 before 1.6.4 allows...

CVSS 10 • AI score 4.8 • EPSS 0.08898
Exploits 3 • References 3 • Affected Software 1
VMware • added 2022/11/08 12:0 a.m. • 32 views

VMware Workspace ONE Assist update addresses multiple vulnerabilities.

3a. Authentication Bypass vulnerability CVE-2022-31685 VMware Workspace ONE Assist contains an Authentication Bypass vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. 3b. Broken Authentication Method...

CVSS 7.5 • AI score 7.3 • EPSS 0.00954
Exploits 0 • References 10 • Affected Software 1
VMware • added 2020/10/15 12:0 a.m. • 32 views

VMware Horizon Client update addresses a denial-of-service vulnerability (CVE-2020-3991)

3. File system access control denial-of-service vulnerability CVE-2020-3991 VMware Horizon Client for Windows contains a denial-of-service vulnerability due to a file system access control issue during install time. VMware has evaluated the severity of this issue to be in the Moderate severity...

CVSS 3.6 • AI score 7 • EPSS 0.00339
Exploits 0 • References 4 • Affected Software 1
VMware • added 2009/03/31 12:0 a.m. • 32 views

ESX Service Console updates for openssl, bind, and vim

a. Updated OpenSSL package for the Service Console fixes a security issue. OpenSSL 0.9.7a-33.24 and earlier does not properly check the return value from the EVP_VerifyFinal function, which could allow a remote attacker to bypass validation of the certificate chain via a malformed SSL/TLS signatur...

CVSS 9.3 • AI score 4.4 • EPSS 0.15044
Exploits 3 • References 6 • Affected Software 1
VMware • added 2008/04/15 12:0 a.m. • 32 views

Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus

a. Updated pcre Service Console package addresses several security issues The pcre package contains the Perl-Compatible Regular Expression library. pcre is used by various Service Console utilities. Several security issues were discovered in the way PCRE handles regular expressions. If an...

CVSS 10 • AI score 1.2 • EPSS 0.26183
Exploits 2 • References 4
VMware • added 2023/10/31 12:0 a.m. • 31 views

VMware Workspace ONE UEM console updates address an open redirect vulnerability (CVE-2023-20886)

3. Advisory Details VMware Workspace ONE UEM console contains an open redirect vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8...

CVSS 5.8 • AI score 6.3 • EPSS 0.00398
Exploits 0 • References 3 • Affected Software 1
VMware • added 2022/03/29 12:0 a.m. • 31 views

VMware vCenter Server updates address an information disclosure vulnerability (CVE-2022-22948)

3. vCenter Server information disclosure vulnerability CVE-2022-22948 The vCenter Server contains an information disclosure vulnerability due to improper permission of files. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of...

CVSS 4 • AI score 6.2 • EPSS 0.13935
Exploits 2 • References 10 • Affected Software 2
VMware • added 2022/01/04 12:0 a.m. • 31 views

VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)

3. VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability CVE-2021-22045 The CD-ROM device emulation in VMware Workstation, Fusion and ESXi has a heap-overflow vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a...

CVSS 6.9 • AI score 7.6 • EPSS 0.04681
Exploits 0 • References 15 • Affected Software 4
VMware • added 2021/11/11 12:0 a.m. • 31 views

VMware Tanzu Application Service for VMs updates address a denial-of-service vulnerability (CVE-2021-22101)

3a. VMware Tanzu Application service for VMs updates address a denial-of-service vulnerability CVE-2021-22101 VMware Tanzu Application Service for VMs uses Cloud Controller (CAPI) from Cloud Foundry which is vulnerable to an unauthenticated denial-of-service (DoS) vulnerability. VMware has evaluated...

CVSS 5 • AI score 7.4 • EPSS 0.00972
Exploits 0 • References 13 • Affected Software 1
VMware • added 2021/11/10 12:0 a.m. • 31 views

VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

3. VMware vCenter Server IWA privilege escalation vulnerability CVE-2021-22048 The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. VMware has evaluated the severity of this issue to be in the Important severity...

CVSS 6.5 • AI score 3.7 • EPSS 0.09976
Exploits 0 • References 4 • Affected Software 2
VMware • added 2016/10/11 12:0 a.m. • 31 views

vRealize Operations (vROps) updates address privilege escalation vulnerability

vROps privilege escalation issue vROps contains a privilege escalation vulnerability. Exploitation of this issue may allow a vROps user who has been assigned a low-privileged role to gain full access over the application. In addition it may be possible to stop and delete Virtual Machines managed ...

CVSS 8 • AI score 3.1 • EPSS 0.03183
Exploits 0 • References 5 • Affected Software 1
VMware • added 2008/10/31 12:0 a.m. • 31 views

Updated ESX packages for libxml2, ucd-snmp, libtiff

a. Updated ESX Service Console package libxml2 A denial of service flaw was found in the way libxml2 processes certain content. If an application that is linked against libxml2 processes malformed XML content, the XML content might cause the application to stop responding. The Common Vulnerabilities a...

CVSS 10 • AI score 3.1 • EPSS 0.6879
Exploits 18 • References 4 • Affected Software 1
VMware • added 2008/06/16 12:0 a.m. • 31 views

Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter

ESX patches and updates for VirtualCenter fix the following application vulnerabilities...

CVSS 10 • AI score 2.8 • EPSS 0.62575
Exploits 7 • References 27 • Affected Software 2
VMware • added 2008/03/03 12:0 a.m. • 31 views

Updated e2fsprogs service console package

Updated e2fsprogs package address multiple integer overflow flaws Thanks to Rafal Wojtczuk of McAfee Avert Research for identifying and reporting this issue. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2007-5497 to this issue...

CVSS 5.8 • AI score 3.6 • EPSS 0.03978
Exploits 0 • References 1
VMware • added 2024/05/07 12:0 a.m. • 30 views

VMSA-2024-0003: Addressing Arbitrary Authentication Relay and Session Hijack Vulnerabilities in Deprecated VMware Enhanced Authentication Plug-in (EAP) (CVE-2024-22245, CVE-2024-22250)

Advisory ID: VMSA-2024-0003 CVSSv3 Range: 9.6 - 7.8 Issue Date: 2024-02-20 Updated On: 2024-02-20 Initial Advisory CVEs: CVE-2024-22245, CVE-2024-22250 Synopsis: Addressing Arbitrary Authentication Relay and Session Hijack Vulnerabilities in Deprecated VMware Enhanced...

CVSS 9.6 • AI score 8.8 • EPSS 0.01262
Exploits 0 • References 17 • Affected Software 1
VMware • added 2023/07/25 12:0 a.m. • 30 views

VMware Tanzu Application Service for VMs and Isolation Segment updates address information disclosure vulnerability (CVE-2023-20891)

3. VMware Tanzu Application Service for VMs and Isolation Segment information disclosure vulnerability CVE-2023-20891 The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform...

CVSS 4 • AI score 6.4 • EPSS 0.00528
Exploits 0 • References 16 • Affected Software 2
VMware • added 2020/08/18 12:0 a.m. • 30 views

VMSA-2020-0018: VMware ESXi, vCenter Server, and Cloud Foundation updates address a partial denial of service vulnerability

Advisory ID: VMSA-2020-0018 CVSSv3 Range: 5.3 Issue Date: 2020-08-20 Updated On: 2020-08-20 Initial Advisory CVEs: CVE-2020-3976 Synopsis: VMware ESXi, vCenter Server, and Cloud Foundation updates address a partial denial of service vulnerability CVE-2020-3976...

CVSS 5.3 • AI score 5.8 • EPSS 0.02117
Exploits 0 • References 33 • Affected Software 4
VMware • added 2020/06/09 12:0 a.m. • 30 views

VMware Horizon Client for Windows update addresses privilege escalation vulnerability (CVE-2020-3961)

3. VMware Horizon Client for Windows privilege escalation vulnerability VMware Horizon Client for Windows contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. VMware has evaluated the severity of this issue to be in the Important...

CVSS 4.6 • AI score 7.9 • EPSS 0.00372
Exploits 0 • References 4 • Affected Software 1
VMware • added 2024/05/08 12:0 a.m. • 29 views

VMSA-2024-0005: VMware Workstation and Fusion updates address an out-of-bounds read vulnerability (CVE-2024-22251)

Advisory ID: VMSA-2024-0005 Advisory Severity: Moderate CVSSv3 Range: 5.9 Synopsis: VMware Workstation and Fusion updates address an out-of-bounds read vulnerability CVE-2024-22251 Issue date: 2024-02-27 Updated on: 2024-02-27 Initial Advisory CVEs: CVE-2024-22251 1. Impacted...

CVSS 5.9 • AI score 5.6 • EPSS 0.00226
Exploits 0 • References 13 • Affected Software 2
VMware • added 2023/10/25 12:0 a.m. • 29 views

VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities (CVE-2023-34048, CVE-2023-34056)

3a. VMware vCenter Server Out-of-Bounds Write Vulnerability CVE-2023-34048 vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base sco...

CVSS 7.5 • AI score 6.4 • EPSS 0.99428
Exploits 1 • References 8 • Affected Software 2
VMware • added 2021/11/10 12:0 a.m. • 29 views

VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

3. VMware vCenter Server IWA privilege escalation vulnerability CVE-2021-22048 The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. VMware has evaluated the severity of this issue to be in the Important severity...

CVSS 6.5 • AI score 3.7 • EPSS 0.09976
Exploits 0 • References 7 • Affected Software 2
VMware • added 2020/07/07 12:0 a.m. • 29 views

VMware SD-WAN by VeloCloud updates address SQL-injection vulnerability (CVE-2020-3973)

3a. Advisory Details The VeloCloud Orchestrator does not apply correct input validation which allows for blind SQL-injection. VMware has evaluated the severity of this issue to be in the important severity range with a maximum CVSSv3 base score of 8.5...

CVSS 6.5 • AI score 8.7 • EPSS 0.01119
Exploits 0 • References 3 • Affected Software 1
VMware • added 2020/07/07 12:0 a.m. • 29 views

VMSA-2020-0017: VMware Fusion, VMware Remote Console and Horizon Client updates address a privilege escalation vulnerability

Advisory ID: VMSA-2020-0017 CVSSv3 Range: 7.8 Issue Date: 2020-07-09 Updated On: 2020-07-09 Initial Advisory CVEs: CVE-2020-3974 Synopsis: VMware Fusion, VMware Remote Console and Horizon Client updates address a privilege escalation vulnerability CVE-2020-3974...

CVSS 7.8 • AI score 8.1 • EPSS 0.00359
Exploits 0 • References 17 • Affected Software 3
VMware • added 2020/06/16 12:0 a.m. • 29 views

VMSA-2020-0014: VMware Tools for macOS update addresses a denial-of-service vulnerability

Advisory ID: VMSA-2020-0014 CVSSv3 Range: 3.3 Issue Date: 2020-06-18 Updated On: 2020-06-18 Initial Advisory CVEs: CVE-2020-3972 Synopsis: VMware Tools for macOS update addresses a denial-of-service vulnerability CVE-2020-3972...

CVSS 3.3 • AI score 3.8 • EPSS 0.00379
Exploits 0 • References 10 • Affected Software 1
VMware • added 2020/05/26 12:0 a.m. • 29 views

VMSA-2020-0012: VMware ESXi, Workstation and Fusion updates address out-of-bounds read vulnerability

Advisory ID: VMSA-2020-0012 CVSSv3 Range: 7.1 Issue Date: 2020-06-09 Updated On: 2020-06-09 Initial Advisory CVEs: CVE-2020-3960 Synopsis: VMware ESXi, Workstation and Fusion updates address out-of-bounds read vulnerability CVE-2020-3960...

CVSS 8.4 • AI score 7.9 • EPSS 0.00273
Exploits 1 • References 25 • Affected Software 3
VMware • added 2017/09/14 12:0 a.m. • 29 views

VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities

a. Out-of-bounds write vulnerability in SVGA VMware ESXi, Workstation and Fusion contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host. VMware would like to thank Nico Golde and Ralf-Philipp Weinmann of Comsecuris UG...

CVSS 7.2 • AI score 1.3 • EPSS 0.00777
Exploits 1 • References 3 • Affected Software 4
VMware • added 2013/06/09 12:0 a.m. • 30 views

VMSA-2013-0008: VMware vCenter Chargeback Manager Remote Code Execution

VMSA-2013-0008 VMware vCenter Chargeback Manager Remote Code Execution VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0008 VMware Security Advisory Synopsis: VMware vCenter Chargeback Manager Remote Code Execution VMware Security Advisory Issue date: 2013-06-11 VMware...

CVSS 7.5 • AI score 7.9 • EPSS 0.5564
Exploits 10 • References 2 • Affected Software 1
VMware • added 2009/12/13 12:0 a.m. • 29 views

VMSA-2009-0017: VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues

VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0017 VMware Security Advisory Synopsis: VMware vCenter, ESX patch and vCenter Lab Manager releases address...

CVSS 4.3 • AI score 5.7 • EPSS 0.02777
Exploits 1 • References 1 • Affected Software 3
VMware • added 2026/02/26 12:0 a.m. • 28 views

VMSA-2026-0002: VMware Workstation and Fusion updates address multiple vulnerabilities (CVE-2026-22715, CVE-2026-22716, CVE-2026-22717, CVE-2026-22722)

Advisory ID: VMSA-2026-0002 Advisory Severity: Moderate CVSSv3 Range: 2.7 - 6.1 Synopsis: VMware Workstation and Fusion updates address multiple vulnerabilities CVE-2026-22715, CVE-2026-22716, CVE-2026-22717, CVE-2026-22722 Issue date: 2026-02-26 Updated on: 2026-02-26 Initial...

CVSS 6.1 • AI score 5.5 • EPSS 0.00203
Exploits 0 • References 6 • Affected Software 2
VMware • added 2020/12/15 12:0 a.m. • 27 views

VMware Carbon Black Cloud macOS Sensor installer updates address file overwrite issue (CVE-2020-4008)

3. VMware Carbon Black Cloud macOS Sensor installer file overwrite issue CVE-2020-4008 The installer of the macOS Sensor for VMware Carbon Black Cloud handles certain files in an insecure way. VMware has evaluated the severity of this issue to be in the Low severity range with a CVSSv3 base score...

CVSS 3.3 • AI score 4 • EPSS 0.00201
Exploits 0 • References 3 • Affected Software 1
VMware • added 2020/08/20 12:0 a.m. • 27 views

VMware App Volumes patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3975)

3a. Advisory Details VMware App Volumes does not correctly validate user input when creating and editing applications or creating storage groups. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.5...

CVSS 3.5 • AI score 1.4 • EPSS 0.00521
Exploits 0 • References 6 • Affected Software 1
VMware • added 2019/09/19 12:0 a.m. • 27 views

VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)

3a. ESXi, Workstation, Fusion, VMRC and Horizon Client use-after-free vulnerability - CVE-2019-5527 ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severit...

CVSS 7.2 • AI score 1.3 • EPSS 0.00481
Exploits 0 • References 15 • Affected Software 8
VMware • added 2008/03/28 12:0 a.m. • 27 views

Updated libxml2 service console package

Updated libxml2 package to address a denial of service flaw. Thanks to the Google security team for identifying and reporting this issue. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2007-6284 to this issue...

CVSS 5 • AI score 2.8 • EPSS 0.02566
Exploits 1 • References 1
VMware • added 2021/11/10 12:0 a.m. • 26 views

VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

3. VMware vCenter Server IWA privilege escalation vulnerability CVE-2021-22048 The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. VMware has evaluated the severity of this issue to be in the Important severity...

CVSS 6.5 • AI score 9 • EPSS 0.09976
Exploits 0 • References 9 • Affected Software 2
Total number of security vulnerabilities: 548