9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.008 Low
EPSS
Percentile
81.9%
a. A privilege escalation on 32-bit and 64-bit guest operating systemsVMware products emulate hardware functions and create thepossibility to run guest operating systems.A flaw in the CPU hardware emulation might allow the virtual CPU toincorrectly handle the Trap flag. Exploitation of this flaw mightlead to a privilege escalation on guest operating systems. Anattacker needs a user account on the guest operating system andhave the ability to run applications.VMware would like to thank Derek Soeder for discoveringthis issue and working with us on its remediation.The Common Vulnerabilities and Exposures project (cve.mitre.org)has assigned the name CVE-2008-4915 to this issue.The following table lists what action remediates the vulnerability(column 4) if a solution is available.