Virtualization Technology News and Information
Article
RSS
VMware Workstation and Player Local Privilege Escalation Vulnerability Exposed

VMware Workstation and Player contain a vulnerability that could allow an authenticated, local attacker to bypass security restrictions and gain elevated privileges on a targeted system.

The vulnerability is due to insufficient security restrictions imposed on user access control by the affected software. An authenticated, local attacker could exploit this vulnerability by referencing certain executable in the affected software. A successful exploit could allow the attacker to bypass security restrictions and gain elevated privileges on a targeted system.

The following VMware products are vulnerable:

  • VMware Workstation for Windows versions 11.0.0 through 11.1.2
  • VMware Player for Windows versions 7.0.0 through 7.1.2

To exploit this vulnerability, an attacker must have local access to a targeted device. This access requirement decreases the possibility of a successful exploit.

VMware has released updated software for registered users at the following link:

Published Thursday, May 19, 2016 3:11 PM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<May 2016>
SuMoTuWeThFrSa
24252627282930
1234567
891011121314
15161718192021
22232425262728
2930311234