CVE-2021-22041

Name of the Vulnerable Software and Affected Versions VMware ESXi, Workstation, and Fusion (affected versions not specified)

Description The issue is related to a double-fetch vulnerability in the UHCI USB controller of VMware's virtualization platform. This vulnerability can be exploited by a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host. The vulnerability is caused by synchronization errors when using a shared resource.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.