VMware Plugs Security Holes in Workstation, Fusion and ESXi lines

38

This week VMware shipped security updates for its Workstation, Fusion and ESXi product lines, and warned that a heap-overflow vulnerability could expose users to code execution attacks.

The security vulnerability, tracked as CVE-2021-22045 (CVSS score of 7.7), exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. VMWare in an advisory said the security defect could be exploited by attackers with access to a virtual machine that has CD-ROM device emulation enabled.

Read More: Securityweek

For more such updates follow us on Google News ITsecuritywire News