Multiple vulnerabilities in VMware Workstation and Fusion
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-6962 CVE-2018-6963 |
| CWE-ID | CWE-264 CWE-476 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
VMware Fusion Client/Desktop applications / Virtualization software VMware Workstation Client/Desktop applications / Virtualization software |
| Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU12990
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-6962
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the target system.
The vulnerability exists due to a signature bypass flaw. A local attacker can gain elevated privileges.
Update to version 10.1.2.
VMware Fusion: 10.0 - 10.1.1
CPE2.3- cpe:2.3:a:vmware:vmware_fusion:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_fusion:10.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_fusion:10.1.1:*:*:*:*:*:*:*
https://www.vmware.com/security/advisories/VMSA-2018-0013.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Null pointer dereference
EUVDB-ID: #VU12991
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-6963
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to cause DoS condition on the target system.
The vulnerability exists due to NULL pointer dereference in the RPC handler. A remote attacker can cause the service to crash.
Update VMware Workstation to version 14.1.2 and Fusion to version 10.1.2.
Vulnerable software versionsVMware Fusion: 10.0 - 10.1.1
VMware Workstation: 14.0 - 14.1.1
CPE2.3- cpe:2.3:a:vmware:vmware_fusion:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_fusion:10.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_fusion:10.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:14.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:14.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:14.1.1:*:*:*:*:*:*:*
https://www.vmware.com/security/advisories/VMSA-2018-0013.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
