PT-2024-3771 · Vmware · Vmware Fusion+1
Published
2024-05-14
·
Updated
2025-06-27
·
CVE-2024-22269
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
VMware Workstation and Fusion (affected versions not specified)
Description
The issue is related to an information disclosure vulnerability in the vbluetooth device of VMware Workstation and Fusion. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. The vulnerability is associated with inadequate access control in the vbluetooth component, which can allow an attacker to gain unauthorized access to protected information.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Fusion
Vmware Workstation