CVE-2024-22255 - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB

CVE-2024-22255

Summary

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

References

https://www.vmware.com/security/advisories/VMSA-2024-0006.html

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

05-03-2024 - 18:50

Published

05-03-2024 - 18:15

Last modified

05-03-2024 - 18:50