VmwareVULNRICHMENT:CVE-2024-22268CVE-2024-22268
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
28.9%
VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in the Shader functionality. A malicious actor with non-administrative access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to create a denial of service condition.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "VMware Workstation",
"vendor": "N/A",
"versions": [
{
"lessThan": "17.5.2",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "VMware Fusion",
"vendor": "N/A",
"versions": [
{
"lessThan": "13.5.2",
"status": "affected",
"version": "13.x",
"versionType": "git"
}
]
}
]Related
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
28.9%