PT-2018-17853 · Vmware · Vmware Fusion+1

Published

2018-08-15

Updated

2018-10-15

CVE-2018-6973

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 14.x before 14.1.3 VMware Fusion versions 10.x before 10.1.3

Description The issue is an out-of-bounds write vulnerability in the e1000 device, which may allow a guest to execute code on the host.

Recommendations For VMware Workstation versions 14.x before 14.1.3, update to version 14.1.3 or later. For VMware Fusion versions 10.x before 10.1.3, update to version 10.1.3 or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2018-6973

ZDI-18-1060

Affected Products

Vmware Fusion

Vmware Workstation

PT-2018-17853 · Vmware · Vmware Fusion+1

CVE-2018-6973

Weakness Enumeration

Related Identifiers

Affected Products

References · 6