VMware.Workstation.Host.drag.and.drop.Code.Execution
Description
This indicates an attack attempt against a Command Execution vulnerability in VMware products.
The vulnerability is caused by an error when the vulnerable software handles a malicious drag-and-drop (DnD) packet. It allows the guest OS to execute arbitrary commands on Host machine via a crafted packet.
Affected Products
VMware Workstation 12.x before version 12.5.4
VMware Fusion 8.x before version 8.5.5
Impact
System Compromise: Guest OS can gain control of the vulnerable Host machine.
Recommended Actions
Refer to the vendor's advisory for updates:
https://www.vmware.com/security/advisories/VMSA-2017-0005.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |