Main Vulnerability Database Exploits ID:5835 - Exploit for Privilege escalation in VMware Workstation and VMware Fusion - CVE-2017-4901

ID:5835 - Exploit for Privilege escalation in VMware Workstation and VMware Fusion - CVE-2017-4901

Published: June 17, 2021

Vulnerability identifier: #VU6082

Vulnerability risk: Low

CVE-ID: CVE-2017-4901

CWE-ID: CWE-787

Exploitation vector: Local access

Vulnerable software:
VMware Workstation
VMware Fusion

Link to public exploit:

https://www.exploit-db.com/exploits/47715/

Vulnerability description

The vulnerability allows a local attacker to gain elevated privileges on the guest system.

The weakness exists due to an out-of-bounds memory access in the drag-and-drop (DnD) function in VMware Workstation and Fusion. A local attacker can gain elevated privileges and execute arbitrary code on the affected system.

Successful exploitation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Remediation

Install update from vendor's website.

ID:5835 - Exploit for Privilege escalation in VMware Workstation and VMware Fusion - CVE-2017-4901

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human