1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: VMWare Fusion CVE-2019-5514

Attack: VMWare Fusion CVE-2019-5514

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempt to exploit local security-bypass vulnerability on VMware Fusion.

Additional Information

VMware Fusion is prone to a local security-bypass vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker can exploit this issue by tricking the host user to execute a JavaScript on the guest machine where VMware Tools is installed. Successful exploits may allow an attacker to execute commands on the guest machines.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks.

Affected

  • VMware Fusion 11.x before 11.0.3
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube