← volver
CVE-2017-4898

CVE-2017-4898

EPSS 0.4%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
07 jun 2017Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.
Productos afectados
VMware · Workstation Pro/Player

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://www.securityfocus.com/bid/96772http://www.securitytracker.com/id/1037979http://www.vmware.com/security/advisories/VMSA-2017-0003.html