Critical VMware Workstation Vulnerability Allows Guest-to-Host Escape
Security researchers have discovered a critical vulnerability in VMware Workstation that allows attackers to escape from guest virtual machines and execute arbitrary code on the host system. The exploit, developed by NVISO Labs, chains together an information leak and a stack-based buffer overflow vulnerability.
The vulnerability, demonstrated at Pwn2Own Vancouver 2023, affects VMware Workstation versions 17.0.1 and older. Users are advised to update to the latest version (17.5.0 or newer) to patch the issue.
The exploit works in two stages. First, it leverages a Use-After-Free (UAF) memory leak to bypass Address Space Layout Randomization (ASLR). Then, it triggers a stack-based buffer overflow, allowing the attacker to hijack the program's execution flow and run a custom payload on the host system. The vulnerability lies in the virtual Bluetooth device functionality of VMware Workstation.
Security researcher Alexander Zaviyalov of NCC Group has published a detailed technical analysis and a functional proof-of-concept (PoC) for the vulnerabilities. Since October 2024, the hacker group UNC5174 has been exploiting this vulnerability in the wild.
Because the chained information leak and stack-based buffer overflow give a full guest-to-host escape, users of VMware Workstation are urged to update to the latest version to mitigate the risk of this critical security vulnerability.
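
An added example, not code from the original article or from VMware: a small Python audit that classifies a Workstation version string against the version bounds stated above and reports whether a guest's .vmx file has the virtual Bluetooth device connected. The `usb.vbluetooth.startConnected` key name and the sample inputs are assumptions not taken from the article, and the article's stated fix remains updating.

```python
import re

AFFECTED_MAX = (17, 0, 1)     # article: 17.0.1 and older are affected
RECOMMENDED_MIN = (17, 5, 0)  # article: update to 17.5.0 or newer

def parse_version(text):
    """Extract (major, minor, patch) from a version string."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def version_status(text):
    v = parse_version(text)
    if v <= AFFECTED_MAX:
        return "affected"
    if v < RECOMMENDED_MIN:
        return "below-recommended"  # not covered by the article's wording
    return "ok"

def parse_vmx(text):
    """Parse key = "value" lines; keys are lower-cased for matching."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        cfg[key.strip().lower()] = value.strip().strip('"')
    return cfg

def bluetooth_state(cfg):
    """Return 'enabled', 'disabled', or 'unset' (no default is assumed)."""
    value = cfg.get("usb.vbluetooth.startconnected")  # assumed key name
    if value is None:
        return "unset"
    return "enabled" if value.upper() == "TRUE" else "disabled"

def audit(version_text, vmx_text):
    return {"version": version_status(version_text),
            "vbluetooth": bluetooth_state(parse_vmx(vmx_text))}

# Constructed sample inputs, not taken from a real host.
SAMPLE_VMX = '''#!/usr/bin/vmware
displayName = "build-agent"
usb.present = "TRUE"
usb.vbluetooth.startConnected = "TRUE"
'''

if __name__ == "__main__":
    print(audit("VMware Workstation 17.0.1", SAMPLE_VMX))
```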