#VU6616 Untrusted search path in VMware Workstation
Vulnerability identifier: #VU6616
Vulnerability risk: Low
CVSSv3.1: 8.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-426
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
VMware Workstation
Client/Desktop applications /
Virtualization software
Vendor: VMware, Inc
Description
The vulnerability allows a local attacker to gain root privileges on a Linux host machine.
The weakness exists due to untrusted search path. A local attacker who is able to change configuration can load library via ALSA sound driver configuration files, gain elevated privileges and execute arbitrary code on the system.
Successful exploitation of the vulnerability may result in full system compromise.
Mitigation
Update to version 12.5.6.
Vulnerable software versions
VMware Workstation: 12.0.0 - 12.5.5
External links
http://www.vmware.com/security/advisories/VMSA-2017-0009.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
