Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款VMware产品竞争条件问题漏洞
Vulnerability Description
VMware ESXi等都是美国威睿(VMware)公司的产品。VMware ESXi是一套可直接安装在物理服务器上的服务器虚拟化平台。VMware Workstation是一套虚拟机软件。VMware Fusion是一套专用于在苹果机(Mac)上运行Windows应用程序的的虚拟机软件。 Vmware ESXi、Fusion和Workstation中的USB 2.0控制器(EHCI)存在安全漏洞。本地攻击者可利用该漏洞在虚拟机监控程序上执行代码。以下产品及版本受到影响:Vmware ESXi ESXi_
CVSS Information
N/A
Vulnerability Type
N/A