CVE-2019-5540

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 15.x before 15.5.1 VMware Fusion versions 11.x before 11.5.1

Description The issue is related to a lack of protection for service data in the VMnetDHCP service of VMware Workstation and VMware Fusion hypervisors. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information. It can also enable an attacker on a guest VM to disclose sensitive information by leaking memory from the host process.

Recommendations For VMware Workstation versions 15.x before 15.5.1, update to version 15.5.1 or later. For VMware Fusion versions 11.x before 11.5.1, update to version 11.5.1 or later.