CVE-2017-4924
VMware Workstation Shader Out-Of-Bounds Write Privilege Escalation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
VMware ESXi (ESXi 6.5 sin el parche ESXi650-201707101-SG), Workstation (en versiones 12.x anteriores a la 12.5.7) y Fusion (en versiones 8.x anteriores a la 8.5.8) contienen una vulnerabilidad de escritura fuera de límites en un dispositivo SVGA. Este problema podría permitir que un invitado ejecute código en el host.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the guest system in order to exploit this vulnerability.
The specific flaw exists within the Shader implementation. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the host OS.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-12-26 CVE Reserved
- 2017-09-15 CVE Published
- 2023-07-26 EPSS Updated
- 2024-09-17 CVE Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/100843 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039365 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039366 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2017-0015.html | 2022-02-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | >= 8.0.0 < 8.5.8 Search vendor "Vmware" for product "Fusion" and version " >= 8.0.0 < 8.5.8" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Pro Search vendor "Vmware" for product "Workstation Pro" | >= 12.0.0 < 12.5.7 Search vendor "Vmware" for product "Workstation Pro" and version " >= 12.0.0 < 12.5.7" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | 650-201701001 |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | 650-201703001 |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | 650-201703002 |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 6.5 Search vendor "Vmware" for product "Esxi" and version "6.5" | 650-201704001 |
Affected
| ||||||