Local Privilege Escalation Vulnerability in VMware Tools by VMware
CVE-2015-5191
6.7MEDIUM
Summary
VMware Tools versions prior to 10.0.9 are susceptible to multiple file system race conditions in libDeployPkg. These vulnerabilities stem from the use of hard-coded paths under the /tmp directory. Successful exploitation could allow attackers with local access to escalate their privileges, gaining unauthorized access to system resources or sensitive data. It is crucial for users of VMware Tools to upgrade to the latest versions and apply the necessary security patches to mitigate these risks.
Affected Version(s)
VMware Tools VMware Tools prior to 10.0.9
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved