CVE-2017-4941

Name of the Vulnerable Software and Affected Versions VMware ESXi versions 6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG VMware Workstation versions 12.x before 12.5.8 VMware Fusion versions 8.x before 8.5.9

Description The issue could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets, potentially resulting in remote code execution in a virtual machine. For exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file, and ESXi must be configured to allow VNC traffic through the built-in firewall.

Recommendations For VMware ESXi versions 6.0 before ESXi600-201711101-SG, update to ESXi600-201711101-SG or later. For VMware ESXi version 5.5 ESXi550-201709101-SG, update to a version after ESXi550-201709101-SG. For VMware Workstation versions 12.x before 12.5.8, update to version 12.5.8 or later. For VMware Fusion versions 8.x before 8.5.9, update to version 8.5.9 or later. As a temporary workaround, consider disabling VNC in the virtual machine's .vmx configuration file until a patch is available. Restrict access to VNC traffic through the built-in firewall to minimize the risk of exploitation.