KLA11304
Multiple vulnerabilities in VMware products

Updated: 06/03/2020

Detect date ?	08/14/2018
Severity ?	Critical
Description	Multiple vulnerabilities was found in VWware Workstation and Fusion. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities: A vulnerability in systems with microprocessors utilizing speculative execution and address translations can be exploited to bypass security restrictions and possible to obtain sensetive information via a terminal page fault and a side-channel analysis; An out-of-bounds write vulnerability can be exploited remotely to execute arbitrary code.
Affected products	VMware Workstation 14.x earlier than 14.1.3 VMware Fusion 10.x earlier than 10.1.3
Solution	Update to the latest version Download Workstation
Original advisories	VMSA-2018-0020 VMSA-2018-0022 VMSA-2018-0026
Impacts ?	ACE [?] OSI [?] SB [?]
Related products	VMware Workstation VMware Fusion
CVE-IDS ?	CVE-2018-36464.7Warning CVE-2018-69737.2High CVE-2018-69747.2High
	Find out the statistics of the vulnerabilities spreading in your region

KLA11304Multiple vulnerabilities in VMware products