Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
%2C%20VMware%20Remote%20Console%20for%20Windows%20(12.x%20prior%20to%2012.0.1)%20%2C%20VMware%20App%20Volumes%20(2.x%20prior%20to%202.18.10%20and%204%20prior%20to%202103)%20&color=brightgreen)
VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103) contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges.
No PoCs from references.
- https://github.com/ARPSyndicate/cvemon
- https://github.com/chnzzh/OpenSSL-CVE-lib