Remote Code Execution Vulnerability in VMware Products
CVE-2009-1244

Currently unrated

Key Information:

Vendor
Vmware
Status
Vendor
CVE Published:
13 April 2009

Badges

👾 Exploit Exists🟡 Public PoC

Summary

An unspecified vulnerability exists in the virtual machine display function of various VMware products, enabling users of a guest operating system to execute arbitrary code on the host operating system. This issue affects multiple versions across VMware Workstation, Player, ACE, Server, Fusion, ESXi, and ESX, allowing potentially unauthorized access and exploitation through unknown vectors.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.