VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

We Keep you Connected

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution.
Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB controller. They carry a CVSS score of 9.3 for Workstation and Fusion, and 8.4 for ESXi systems.
“A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host,” the company said in a new advisory.
“On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.”
Multiple security researchers associated with the Ant Group Light-Year Security Lab and QiAnXin have been credited with independently discovering and reporting CVE-2024-22252. Security researchers VictorV and Wei have been acknowledged for reporting CVE-2024-22253.
Also patched by the Broadcom-owned virtualization services provider are two other shortcomings –
The issues have been addressed in the following versions, including those that have reached end-of-life (EoL) due to the severity of these issues –
As a temporary workaround until a patch can be deployed, customers have been asked to remove all USB controllers from the virtual machine.
“In addition, virtual/emulated USB devices, such as VMware virtual USB stick or dongle, will not be available for use by the virtual machine,” the company said. “In contrast, the default keyboard/mouse as input devices are not affected as they are, by default, not connected through USB protocol but have a driver that does software device emulation in the guest OS.”
State of AI in the Cloud 2024
Find out what 150,000+ cloud accounts revealed about the AI surge.
Goodbye, Atlassian Server. Goodbye… Backups?
Protect your data on Atlassian Cloud from disaster with daily backups and on-demand restores.
Take Action Fast with Censys Search for Security Teams
Stay ahead of advanced threat actors with best-in-class threat intelligence from Censys Search.
Stay ahead of advanced threat actors with best-in-class threat intelligence from Censys Search.
From Humans to Bots: Every Identity in Your SaaS App Could Be a Backdoor for Cybercriminals.
Learn how to protect your innovations from emerging security threats with expert advice.
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.

source

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE