VMware on Tuesday patched a series of vulnerabilities in its ESXi, Workstation Pro, and Fusion hypervisors, as well as its vCenter Server Appliance.
According to a company security advisory, ESXi versions 6.0 and 5.5, Workstation version 12.x, and Fusion version 8.x contain a stack overflow bug, designated CVE-2017-4941, that authenticated users can exploit to cause remote code execution in a virtual machine. Moreover, ESXi 6.5, Workstation 12.x, and Fusion 8.x were also discovered to have a heap overflow vulnerability, CVE-2017-4922, that authenticated users can exploit to cause a heap overflow. Two researchers from Cisco Systems' Talos division, including Lilith Wyatt, were credited with discovering these two issues.
Additionally, the ESXi Host Client for product versions 6.5, 6.0, and 5.5 contains a bug that enables stored cross-site scripting (XSS). “An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client,” the security advisory warns. Alain Homewood of Insomnia Security found this problem, which is designated CVE-2017-4940.
Finally, researcher Lukasz Plonka found a local privilege escalation vulnerability in the “showlog” plugin in version 6.5 of the vCenter Server Appliance. If exploited, this flaw, CVE-2017-4943, could allow a user with low privileges to gain root-level access to the appliance's base operating system.