PT-2018-8225 · Microsoft+1 · Windows+3

Published

2018-01-05

Updated

2019-10-03

CVE-2017-4945

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: VMware Workstation versions 12.x through 14.x VMware Fusion versions 8.x through 10.x

Description: The issue allows program execution via Unity on locked Windows VMs. This may potentially lead to unauthorized access. The estimated number of affected devices is not specified.

Recommendations: For VMware Workstation versions 12.x through 14.x, update VMware Tools to 10.2.0. For VMware Fusion versions 8.x through 10.x, update VMware Tools to 10.2.0. As a permanent fix, consider updating to Workstation 14.1.0 or Fusion 10.1.0, which consume VMware Tools 10.2.0 by default.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-4945

Affected Products

Vmware Fusion

Vmware Tools

Vmware Workstation

Windows

PT-2018-8225 · Microsoft+1 · Windows+3

CVE-2017-4945

Related Identifiers

Affected Products

References · 6