Remote Code Execution Vulnerability in VMware Products
CVE-2009-1244
Currently unrated
Summary
An unspecified vulnerability exists in the virtual machine display function of various VMware products, enabling users of a guest operating system to execute arbitrary code on the host operating system. This issue affects multiple versions across VMware Workstation, Player, ACE, Server, Fusion, ESXi, and ESX, allowing potentially unauthorized access and exploitation through unknown vectors.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved