KLA11258
Multiple vulnerabilities in VMware Workstation and Fusion

Updated: 09/21/2023

Detect date ?	05/21/2018
Severity ?	Warning
Description	Multiple serious vulnerabilities have been found in VMware Workstation and Fusion. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges and cause denial of service. Below is a complete list of vulnerabilities: A speculative store bypass vulnerability can be exploited locally to obtain sensitive information; A signature bypass vulnerability can be exploited locally to gain privileges; Multiple NULL pointer dereference vulnerabilities in the RPC handler can be exploited locally to cause denial of service. Technical details Vulnerability (2) affects only VMware Fusion.
Affected products	VMware Workstation earlier than 14.1.2 VMware Fusion earlier than 10.1.2
Solution	Update to latest version Download VMware Fusion Download Workstation
Original advisories	VMSA-2018-0013 VMSA-2018-0012
Impacts ?	OSI [?] DoS [?] SB [?] PE [?]
Related products	VMware Workstation VMware Fusion
CVE-IDS ?	CVE-2018-69627.2High CVE-2018-69632.1Warning CVE-2018-36392.1Warning
Exploitation	Public exploits exist for this vulnerability.
	Find out the statistics of the vulnerabilities spreading in your region

KLA11258Multiple vulnerabilities in VMware Workstation and Fusion