Virtualization technology vendor VMware on Tuesday rolled out urgent patches for critical-severity flaws in the enterprise-facing ESXi, Workstation, Fusion and Cloud Foundation products.
The company documented four vulnerabilities and warned that the most serious bugs could allow a malicious actor with local admin privileges on a virtual machine to execute code as the virtual machine’s VMX process running on the host.
Two of the four bugs carry a CVSS severity score of 9.3 out of 10 and, because of the increased risk to organizations, VMware is pushing out fixes even for some end-of-life products.
VMware described the issues as a pair of use-after-free memory corruption vulnerabilities in the XHCI USB controller (CVE-2024-22252 and CVE-2024-22253) that can be combined to escape sandbox mitigations.
“On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed,” VMware warned.
VMware also acknowledged an ESXi out-of-bounds write vulnerability that could lead to a sandbox escape exploit and an information disclosure vulnerability in the UHCI USB controller that could be exploited to leak memory from the vmx process.
Related: VMware vCenter Flaw So Critical, End-of-Life Products Patched
Related: Exploit Code Released for Critical VMware Security Defect
Related: Code Execution Vulnerabilities in VMware vCenter Server
Related: VMware Confirms Live Exploits Hitting Just-Patched Vuln
