VMware urges emergency action to blunt hypervisor flaws

2024-03-07 07:30

Hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like.

The nastiest two - CVE-2024-22252 and 22253 - are rated 9.3/10 on VMware's Workstation and Fusion desktop hypervisors and 8.4 on the ESXi server hypervisor.

Under ESXi it will run in the VMX process that encapsulates each guest VM. In an FAQ, VMware rated the two flaws an emergency change, as defined by the IT Infrastructure Library.

Workarounds for the flaws even apply to vSphere 6.x - a now unsupported version of VMware's flagship server virtualization platform.

The FAQ adds: "That said, most Windows and Linux versions support use of the virtual PS/2 mouse and keyboard," and removing unnecessary devices such as USB controllers is recommended as part of the security hardening guidance VMware publishes.

These look significant, but short of total takeovers of the hypervisor that would allow an attacker to control fleets of VMs. Interestingly, some of the flaws were discovered by researchers at 2023's Tianfu Cup Pwn Contest - China's equivalent of the Pwn2Own infosec attack-fest.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/03/07/vmware_usb_critical_flaws/

#vmware #CVE-2024-22252

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-05	CVE-2024-22252	VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Vmware		186	83	403	198	101	785