VMware Updates Workstation Pro/Player

Wednesday, May 22, 2019 @ 09:05 AM gHale

VMware has an update available to mitigate a DLL-hijacking vulnerability in its VMware Workstation Pro/Player (Workstation).

The vulnerability has a case number of CVE-2019-5526 and has a CVSS score of 6.0.

Fix is in for VMware’s ESXi, Workstation, Fusion
VMware Issues Security Updates
VMware Fixes Elevation of Privilege Hole
VMware Releases Security Fixes

VMware Workstation contains a DLL hijacking issue because some DLL files are improperly loaded by the application.

Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed.

Update to Workstation 15.1.0 in order to resolve this issue. In addition, there are no workarounds for this issue.

Leave a Reply

You must be logged in to post a comment.