Privilege Escalation Issue in Microsoft Virtual Machine Monitor
CVE-2009-1542

Currently unrated

Key Information:

Vendor
Microsoft
Status
Virtual Pc
Virtual Server
Vendor
CVE Published:
15 July 2009

Summary

The Virtual Machine Monitor (VMM) in Microsoft Virtual PC and Microsoft Virtual Server allows unprivileged users in guest operating systems to execute arbitrary kernel-mode code. This occurs due to the VMM not enforcing CPU privilege-level requirements for certain machine instructions. By using specially crafted applications, an attacker can gain elevated privileges within the guest OS, potentially leading to unauthorized access and system control.

References

http://www.vupen.com/english/advisories/2009/1890
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/35808
third-party-advisoryx_refsource_SECUNIA
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2009-1542 : Privilege Escalation Issue in Microsoft Virtual Machine Monitor | SecurityVulnerability.io