Privilege Escalation in VMware Products due to Virtual-8086 Mode Error
CVE-2009-2267

Currently unrated

Key Information:

Vendor

Vmware

Status
Vendor
CVE Published:
2 November 2009

What is CVE-2009-2267?

VMware products, including Workstation, Player, ACE, and ESXi, are susceptible to a privilege escalation vulnerability when utilizing Virtual-8086 mode. This flaw occurs due to improper handling of page faults, allowing malicious users within the guest operating system to exploit crafted values for the cs register. By doing so, they can gain unauthorized privileges, compromising the security of the virtualized environment. Users are advised to update to the latest versions to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2009-2267 : Privilege Escalation in VMware Products due to Virtual-8086 Mode Error