Vulnerabilities > CVE-2019-5512 - Unspecified vulnerability in VMWare Workstation
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle COM classes appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 14 | |
OS | 1 |
Exploit-Db
id | EDB-ID:46601 |
last seen | 2019-03-25 |
modified | 2019-03-25 |
published | 2019-03-25 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/46601 |
title | VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation |
Nessus
NASL family | General |
NASL id | VMWARE_WORKSTATION_WIN_VMSA_2019_0002.NASL |
description | The version of VMware Workstation installed on the remote host is 14.x prior to 14.1.6 or 15.x prior to 15.0.3. It is, therefore, affected by an elevation of privilege vulnerability in the creation of the VMX process on a windows host. An attacker with access to a host system may be able to hijack the path to the VMX executable or COM classes used by the VMX process leading to an elevation of privilege vulnerability. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 123002 |
published | 2019-03-21 |
reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/123002 |
title | VMware Workstation 14.x < 14.1.6 / 15.x < 15.0.3 Elevation of Privilege Vulnerability (VMSA-2019-0002) |
code |
|