Recently, VMware has raised concerns by unveiling four significant vulnerabilities detected within its hypervisors. These vulnerabilities, if exploited, could pose a serious threat to the security of virtual machines operating on VMware's hypervisors.
CVE-2024-22252: a use-after-free vulnerability in XHCI USB controller with a maximum severity range of 9.3 for Workstation/Fusion and a base score of 8.4 for ESXi. Someone with local administrative privileges on a virtual machine can execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox, whereas, on Workstation and Fusion, this could lead to code execution on the machine where Workstation or Fusion is installed.
CVE-2024-22253: a use-after-free vulnerability in UHCI USB controller with a maximum severity rating of 9.3 for Workstation/Fusion and a base score of 8.4 for ESXi. Exploitation requirements and outcomes are the same as for CVE-2024-22252.
CVE-2024-22254: an out-of-bounds write vulnerability with a maximum severity base score of 7.9. This vulnerability makes it possible for someone with privileges within the VMX process to trigger an out-of-bounds write, leading to a sandbox escape.
CVE-2024-22255: an information disclosure vulnerability in the UHCI USB controller with a maximum CVSSv3 base score of 7.1. Someone with administrative access to a virtual machine can exploit it to leak memory from the vmx process.
VMware issued advisories and provided mitigation strategies. However, the company acknowledges that some workarounds may not be feasible on a larger scale, particularly for systems reliant on USB for essential functions. VMware suggests exploring virtual PS/2 mouse and keyboard options and removing unnecessary devices like USB controllers as part of its security hardening guidance.
For more information, head over to VMware’s Advisory page:
https://core.vmware.com/resource/vmsa-2 ... his-affect
-
- Veeam Software
- Posts: 75
- Liked: 46 times
- Joined: Feb 19, 2019 3:08 pm
- Full Name: Andy Sturniolo
- Contact:
-
- Veeam Software
- Posts: 75
- Liked: 46 times
- Joined: Feb 19, 2019 3:08 pm
- Full Name: Andy Sturniolo
- Contact:
Re: VMware Security Advisory - VMSA-2024-0006
Keep in mind that this information is FYI... from a Veeam Backup perspective... This does not affect the backups of VMware Virtual Machines.
-
- Veeam Software
- Posts: 75
- Liked: 46 times
- Joined: Feb 19, 2019 3:08 pm
- Full Name: Andy Sturniolo
- Contact:
Re: VMware Security Advisory - VMSA-2024-0006
If you are wondering how many VMs have the USB controllers that might be an issue. William Lam @ VMware has posted a great thread that talks about a script to query your VMs.
https://williamlam.com/2024/03/quick-ti ... llers.html
https://williamlam.com/2024/03/quick-ti ... llers.html
Who is online
Users browsing this forum: No registered users and 30 guests