Primary

Context

VMware Workstation and Fusion Out-of-Bounds Write Vulnerability Allowing Process Termination

Vulnerability

Patched

An out-of-bounds write vulnerability has been identified in VMware Workstation 25H1 and earlier versions, across all platforms. This vulnerability allows a user with non-administrative privileges on a guest virtual machine to cause certain VMware Workstation processes to terminate unexpectedly.

Impact

Exploitation of this vulnerability leads to a crash of specific VMware Workstation processes on the host machine.

Remediation

Users can upgrade to VMware Workstation 25H2u1 to address this vulnerability. This version is available through the VMware Workstation Pro 25H2 release notes on the Broadcom website.

Added: Feb 27, 2026, 7:20 PM

Updated: Feb 27, 2026, 8:31 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.8

exploitability

2.9

remediation

7.7

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.8

exploitability

2.9

remediation

7.7

relevance

3.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

VMware Workstation and Fusion Out-of-Bounds Write Vulnerability Allowing Process Termination

Vulnerability

Impact

Remediation

Affected Products

VMware Workstation

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating