VMware ESXi, vCenter Server Appliance, Workstation and Fusion updates address multiple security vulnerabilities

ID VMSA-2017-0021
Type vmware
Reporter VMware
Modified 2017-12-19T00:00:00


a. ESXi, Workstation, and Fusion stack overflow via authenticated VNC session

VMware ESXi, Workstation, and Fusion contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session.

Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.
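The .vmx precondition in the note above can be audited with a short script. This is an added example, not part of VMware's advisory; it assumes the `RemoteDisplay.vnc.enabled` and `RemoteDisplay.vnc.port` .vmx keys, and the sample files it creates are constructed for illustration. It does not check the ESXi firewall condition.

```shell
#!/bin/sh
# Added example: list VMs whose .vmx file enables the built-in VNC server.

# Print "path<TAB>port" for every .vmx under $1 that sets
# RemoteDisplay.vnc.enabled = "TRUE".
vmx_vnc_audit() {
    find "$1" -type f -name '*.vmx' | sort | while IFS= read -r vmx; do
        awk -v file="$vmx" '
            # .vmx lines look like: key = "value"; keys and booleans are case-insensitive
            /^[ \t]*#/ { next }
            {
                eq = index($0, "=")
                if (eq == 0) next
                key = tolower(substr($0, 1, eq - 1))
                val = substr($0, eq + 1)
                gsub(/^[ \t]+|[ \t\r]+$/, "", key)
                gsub(/^[ \t]*"?|"?[ \t\r]*$/, "", val)
                if (key == "remotedisplay.vnc.enabled") enabled = tolower(val)
                if (key == "remotedisplay.vnc.port") port = val
            }
            END {
                if (enabled == "true")
                    printf "%s\t%s\n", file, (port == "" ? "(port not set)" : port)
            }' "$vmx"
    done
}

# Constructed sample data (not from the advisory): three VMs, two with VNC enabled.
make_samples() {
    d=$(mktemp -d)
    mkdir -p "$d/vm-a" "$d/vm-b" "$d/vm-c"
    printf '%s\n' 'displayName = "vm-a"' 'RemoteDisplay.vnc.enabled = "TRUE"' \
        'RemoteDisplay.vnc.port = "5901"' > "$d/vm-a/vm-a.vmx"
    printf '%s\n' 'displayName = "vm-b"' \
        'RemoteDisplay.vnc.enabled = "FALSE"' > "$d/vm-b/vm-b.vmx"
    printf '%s\n' 'displayName = "vm-c"' \
        'remotedisplay.vnc.enabled = "true"' > "$d/vm-c/vm-c.vmx"
    echo "$d"
}

samples=$(make_samples)
vmx_vnc_audit "$samples"
rm -rf "$samples"
```

On an ESXi host the function would be pointed at the datastore root (assumed here to be `/vmfs/volumes`) instead of the sample directory.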

VMware would like to thank Lilith Wyatt and another member of Cisco Talos for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4941 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.