← back
CVE-2017-4945

CVE-2017-4945

EPSS 0.4%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
05 Jan 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstation 14.1.0 and Fusion 10.1.0 by default.
Affected products
VMware · FusionVMware · Workstation

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.vmware.com/us/security/advisories/VMSA-2018-0003.htmlhttp://www.securityfocus.com/bid/102441http://www.securitytracker.com/id/1040109http://www.securitytracker.com/id/1040136