exploitDog

GHSA-j652-46fv-w96g

Опубликовано: 04 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.3

Описание

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

Ссылки

EPSS

Процентиль: 98%

0.51468

Средний

9.3 Critical

CVSS3

CVE ID

Дефекты

CWE-367

Связанные уязвимости

CVE-2025-22224

CVSS3: 9.3

nvd

11 месяцев назад

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

BDU:2025-02354

CVSS3: 9.3

fstec

11 месяцев назад

Уязвимость гипервизоров VMware ESXi, и Vmware Workstation, связанная с ошибками синхронизации при использовании общего ресурса («Ситуация гонки»), позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 98%

0.51468

Средний

9.3 Critical

CVSS3

CVE ID

Дефекты

CWE-367