CVE-2019-5524Out-of-bounds Write in Vmware Fusion

CWE-787Out-of-bounds Write4 documents4 sources
Severity
8.8HIGHNVD
EPSS
2.9%
top 13.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware FusionVmware Workstation
Timeline
PublishedApr 2
Latest updateMay 14

Description

VMware Workstation (14.x before 14.1.6) and Fusion (10.x before 10.1.6) contain an out-of-bounds write vulnerability in the e1000 virtual network adapter. This issue may allow a guest to execute code on the host.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDvmware/fusion10.0.010.1.6
NVDvmware/workstation14.0.014.1.6

🔴Vulnerability Details

2
GHSA
GHSA-88f2-66g2-2qpg: VMware Workstation (142022-05-14
CVEList
CVE-2019-5524: VMware Workstation (142019-04-02

📋Vendor Advisories

1
VMware
VMware ESXi, Workstation and Fusion updates address multiple security issues.2019-03-28
CVE-2019-5524 — Out-of-bounds Write in Vmware Fusion | cvebase