VMware Workstation and Fusion Vulnerability: Out-of-Bounds Read in USB CCID
CVE-2024-22251
4.4MEDIUM
Key Information:
- Vendor
VMware
- Vendor
- CVE Published:
- 29 February 2024
What is CVE-2024-22251?
VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure.
Affected Version(s)
VMware Fusion MacOS 13.x < 13.5.1
VMware Workstation Windows 17.x < 17.5.1