CVE-2018-6983 — Integer Overflow or Wraparound in Vmware Fusion

CWE-190 — Integer Overflow or Wraparound3 documents3 sources

Severity

8.8HIGHNVD

EPSS

0.1%

top 68.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Fusion Vmware Workstation Vmware Workstation AND Fusion

Timeline

PublishedNov 27

Latest updateMay 14

Description

VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 2.0 | Impact: 6.0

Affected Packages3 packages

▶CVEListV5vmware/vmware_workstation_and_fusionVMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5)

▶NVDvmware/fusion10.0.0 — 10.1.5+1

▶NVDvmware/workstation14.0.0 — 14.1.5+1

🔴Vulnerability Details

GHSA

GHSA-5jx3-fq8r-vrrm: VMware Workstation (15↗2022-05-14

▶

CVEList

CVE-2018-6983: VMware Workstation (15↗2018-11-27

▶