3. USB CCID Out-of-bounds read vulnerability (CVE-2024-22251)
VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9.
CPE | Name | Operator | Version |
---|---|---|---|
workstation | lt | 17.5.1 | |
fusion | lt | 13.5.1 |
customerconnect.vmware.com/downloads/info/slug/desktop_end_user_computing/vmware_workstation_pro/17_0
customerconnect.vmware.com/en/downloads/info/slug/desktop_end_user_computing/vmware_fusion/13_0
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22251
docs.vmware.com/en/VMware-Fusion/13.5.1/rn/vmware-fusion-1351-release-notes/index.html
docs.vmware.com/en/VMware-Workstation-Pro/17.5.1/rn/vmware-workstation-1751-pro-release-notes/index.html
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N