CVE-2019-5515

VMware Workstation e1000 Memory Corruption Privilege Escalation Vulnerability

Severity Score

8.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and Fusion (11.x before 11.0.3, 10.x before 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on the host from the guest but it is more likely to result in a denial of service of the guest.

Las actualizaciones de VMware Workstation (en las versiones 15.x anteriores a a la 15.0.3, y las 14.x anteriores a la 14.1.6) y de Fusion (en las versiones 11.x anteriores a a la 11.0.3, y las 10.x anteriores a la 10.1.6) abordan una vulnerabilidad de escritura fuera de límites en los adaptadores de red virtual e1000 y e1000e. La explotación de este problema podría conducir a una ejecución de código en el host desde el invitado, pero es más probable que resulte en una denegación de servicio (DoS) de esta..

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability.
The specific flaw exists within the e1000 driver. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor.

*Credits: instructor

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-01-07 CVE Reserved
2019-03-29 CVE Published
2024-08-04 CVE Updated
2024-08-23 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-787: Out-of-bounds Write

CAPEC

References (5)

URL	Tag	Source
https://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html	Third Party Advisory
https://www.securityfocus.com/bid/107634	Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-19-306	Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-19-516	X_refsource_misc

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.vmware.com/security/advisories/VMSA-2019-0005.html	2019-05-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Vmware Search vendor "Vmware"		Fusion Search vendor "Vmware" for product "Fusion"				>= 10.0.0 < 10.1.6 Search vendor "Vmware" for product "Fusion" and version " >= 10.0.0 < 10.1.6"		-		Affected
Vmware Search vendor "Vmware"		Fusion Search vendor "Vmware" for product "Fusion"				>= 11.0.0 < 11.0.3 Search vendor "Vmware" for product "Fusion" and version " >= 11.0.0 < 11.0.3"		-		Affected
Vmware Search vendor "Vmware"		Workstation Search vendor "Vmware" for product "Workstation"				>= 14.0.0 < 14.1.6 Search vendor "Vmware" for product "Workstation" and version " >= 14.0.0 < 14.1.6"		-		Affected
Vmware Search vendor "Vmware"		Workstation Search vendor "Vmware" for product "Workstation"				>= 15.0.0 < 15.0.3 Search vendor "Vmware" for product "Workstation" and version " >= 15.0.0 < 15.0.3"		-		Affected