PT-2024-1976 · VMware · VMware Fusion +3

Jiang Yuhao +2 · Published 2024-03-05 · Updated 2025-06-18 · CVE-2024-22254

CVSS v3.1: 8.2 (High)

Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

VMware ESXi (affected versions not specified)
VMware Workstation (affected versions not specified)
VMware Fusion (affected versions not specified)
VMware Cloud Foundation (affected versions not specified)

Description

The issue is related to an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write, leading to an escape of the sandbox and potentially allowing the attacker to elevate their privileges.

Recommendations

For VMware ESXi, consider restricting access to the VMX process until a patch is available.
For VMware Workstation, temporarily disable any functionality that may interact with the VMX process to minimize the risk of exploitation.
For VMware Fusion, avoid using any features that may trigger an out-of-bounds write in the VMX process until the issue is resolved.
For VMware Cloud Foundation, restrict access to any components that may be affected by the out-of-bounds write vulnerability.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2024-01810
CVE-2024-22254

Affected Products

VMware Cloud Foundation
VMware ESXi
VMware Fusion
VMware Workstation