Use-After-Free Vulnerability in VMware Sound Device
CVE-2019-5527
8.8HIGH
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 10 October 2019
What is CVE-2019-5527?
VMware products including ESXi, Workstation, Fusion, VMRC, and Horizon Client are affected by a use-after-free vulnerability in the virtual sound device component. This flaw can potentially allow an attacker to exploit the memory management flaws, leading to unintended behavior during sound playback operations. Users of these VMware products are advised to implement available updates and security measures to mitigate any possible risks associated with this vulnerability.
Affected Version(s)
ESXi, Workstation, Fusion, VMRC and Horizon Client ESXi 6.7. 6.5, 6.0, Workstation 15.x, Fusion 11.x, VMRC 10.x and Horizon Client 5.x and prior