Exploit for #VU6616 Untrusted search path in VMware Workstation

Exploit for #VU6616 Untrusted search path in VMware Workstation

Published: 2020-03-18 | Updated: 2021-06-17

Vulnerability identifier: #VU6616

Vulnerability risk: Low

CVSSv3.1: 8.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2017-4915

CWE-ID: CWE-426

Exploitation vector: Local

Exploits in database: 3

June 17, 2021
- VMware Workstation/Player < 12.5.5 - Local Privilege Escalation [Exploit-DB]
March 18, 2020
- VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Config Host Root Privilege Escalation [Exploit-DB]
- VMware Workstation ALSA Config File Local Privilege Escalation [Metasploit]

Impact: Code execution

Vulnerable software:
VMware Workstation
Client/Desktop applications / Virtualization software

Vendor: VMware, Inc