Primary

Context

VMware Workstation and Fusion NULL Pointer Dereference Vulnerability

Vulnerability

Patched

A NULL pointer dereference vulnerability has been identified in VMware Workstation for Windows. This vulnerability allows a malicious actor with authenticated user privileges on a Windows-based Workstation host to cause a NULL pointer dereference error, potentially leading to a crash or unexpected behavior in the application.

Impact

Exploitation of this vulnerability causes a NULL pointer dereference error, which can lead to a crash of the VMware Workstation application on the host machine.

Remediation

Users can upgrade to VMware Workstation Pro 25H2u1 to address this vulnerability. This version is available through the Broadcom Support portal.

Added: Feb 26, 2026, 7:38 PM

Updated: Feb 26, 2026, 7:38 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

2.9

remediation

7.7

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

2.9

remediation

7.7

relevance

3.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

VMware Workstation and Fusion NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Remediation

Affected Products

VMware Workstation

VMware Fusion

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating