Vmware fixed multiple security vulnerabilities that may lead to code execution, information disclosure and DoS condition with normal user privileges. Products Affected VMware vSphere ESXi (ESXi) VMware Workstation Pro / Player (Workstation) VMware Fusion Pro / Fusion (Fusion) Vmware Security Vulnerabilities The Out-of-bounds read/write vulnerabilities resides in the pixel shader functionality of the VMware ESXi, Workstation and Fusion, the vulnerability can be tracked as CVE-2019-5521 – Out-of-bounds read vulnerability – CVSSv3 = 6.3-7.7 CVE-2019-5684 – Out-of-bounds write vulnerability – CVSSv3 = 8.5 Vulnerability Exploitation To exploit the vulnerability an attacker could have access to the virtual machine with 3D graphics enabled.
Read full article on GBHackers