CVE-2017-4898

Name of the Vulnerable Software and Affected Versions VMware Workstation Pro/Player versions prior to 12.5.3

Description The issue is related to a DLL loading vulnerability in the "vmware-vmx" process, which loads DLLs from a path defined in the local environment-variable. This could allow normal users to escalate privileges to System in the host machine where the software is installed.

Recommendations For versions prior to 12.5.3, update to version 12.5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the environment-variable that defines the DLL loading path to minimize the risk of exploitation.