VMware addresses critical ESXi Sandbox Escape flaws


VMware, a virtualization technology vendor, has released urgent patches for critical-severity flaws in its enterprise-facing ESXi, Workstation, Fusion and Cloud Foundation products.

The company identified four vulnerabilities and warned that the most serious bugs could enable a malicious actor with local admin privileges on a virtual machine to execute code as the virtual machine’s VMX process on the host. Two of the four bugs have a CVSS severity score of 9.3 out of 10, and due to the increased risk to organizations, VMware is releasing fixes for some end-of-life products.

VMware also acknowledged an out-of-bounds write vulnerability in ESXi, which could lead to a sandbox escape.

Read More: VMware Patches Critical ESXi Sandbox Escape Flaws

Check Out The New ITsecuritywire Podcast. For more such updates follow us on Google News ITsecuritywire News.