VMware ESXi
cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*
- 8.0
- 7.0
A heap-overflow vulnerability has been identified in the PVSCSI (Paravirtualized SCSI) controller of VMware ESXi, Workstation, and Fusion. This vulnerability leads to an out-of-bounds write, which a malicious actor with local administrative privileges on a virtual machine could exploit to execute code as the virtual machine's VMX process on the host. In the case of ESXi, the exploitation would be contained within the VMX sandbox and could only occur with unsupported configurations. However, on Workstation and Fusion, this vulnerability could allow code execution on the machine where either application is installed.
Exploitation of this vulnerability could result in unauthorized code execution on the host machine, either within the VMX sandbox (for ESXi) or directly on the machine running Workstation or Fusion.
Users can update to VMware ESXi 8.0 (ESXi80U3f-24784735), VMware Workstation 17.6.4, or VMware Fusion 13.6.4. For VMware Tools, versions 13.0.1.0 or 12.5.3 are recommended, depending on the Windows architecture.