Privilege Escalation in VMware Products due to Virtual-8086 Mode Error
CVE-2009-2267
Currently unrated
Summary
VMware products, including Workstation, Player, ACE, and ESXi, are susceptible to a privilege escalation vulnerability when utilizing Virtual-8086 mode. This flaw occurs due to improper handling of page faults, allowing malicious users within the guest operating system to exploit crafted values for the cs register. By doing so, they can gain unauthorized privileges, compromising the security of the virtualized environment. Users are advised to update to the latest versions to mitigate this risk.
References
Timeline
Vulnerability published
Vulnerability Reserved