VMware has issued updates to fix two security issues the company rated as critical, one of which could lead to a remote session hijacking if exploited.
The hijacking issue, CVE-2019-5523, was in VMware vCloud Director for Service Providers resolves a remote session hijack vulnerability in the Tenant and Provider Portals. The problem attacker could access the Tenant or Provider Portals by impersonating a currently logged in session.
The advisory covered multiple issues (CVE-2019-5514, CVE-2019-5515, CVE-2019-5518, CVE-2019-5519, CVE-2019-5524) in VMware vSphere ESXi, VMware Workstation Pro / Player and VMware Fusion Pro/Fusion. These contain an out-of-bounds read/write vulnerabilities and a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). To exploit these flaws an attacker has to have access to a virtual machine with a virtual USB controller present. These issues may allow a guest to execute code on the host.
Patches are available for all issues.
VMware issued security advisories in mid-March for VMware Workstation Pro/Player and VMware Horizon.