CVE-2024-22273
published 2024-05-21CVE-2024-22273: The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 4.0 < 5.1.1 | 5.1.1 |
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | fusion | >= 13.0.0 < 13.5.1 | 13.5.1 |
| vmware | workstation | >= 17.0.0 < 17.5.1 | 17.5.1 |