[German]A short addendum from last week. I recently reported on updates to VMware products. VMware has now classified certain vulnerabilities in its virtualization products as critical in a security advisory. It should therefore be patched quickly, if not already done. Addendum: I have just seen that around 1,800 VMware ESXi installations in Germany are potentially affected.
Advertising
In my German blog post VMware Produktportfolio: Interna der Lizenzierung; und Lenovo ist seit 27. Feb. 2024 raus I reported on updates to VMware Workstation and Player to version 17.5.1. VMware had published the release notes here. A German blog reader pointed out the VMware Security Advisory 2024-0006. An update from March 5, 2024 deals with the vulnerabilities CVE-2024-22252, CVE-2024-22253, CVE-2024-22254 and CVE-2024-22255. VMware has released security updates to close these vulnerabilities in VMware ESXi, Workstation and Fusion.
While CVE-2024-22251 quoted first as "moderate", it's now classified as "critical". There are now four new severe or critical CVEs: 22252, 22253, 22254, 22255 for the following VMware products:
ESXi, Workstation Pro/Player, Fusion/Pro, Cloud Foundation
und folgende Schwachstellen:
- Use-after-free XHCI USB controller (CVE-2024-22252)
- Use-after-free UHCI USB controller (CVE-2024-22253)
- ESXi Out-of-bounds write (CVE-2024-22254)
- Information disclosure UHCI USB controller (CVE-2024-22255)
The vulnerability CVE-2024-22254 (Out-of-bounds write) in ESXi server allows an attacker with VMX process privileges to write outside the specified memory area (bounds), which can lead to a breakout from the sandbox.
All ESXi versions of 6.5, 6.7, 7.0, 8.0 ; Workstation 17.x ; Fusion 13.x and VCF 3.x are affected. The colleagues from Bleeping Computer had also reported here about that (I was off road and could not post that).
Advertising
Vulnerability CVE-2024-22252 affects systems
ShadowServer has published statistics on ESXi systems that are vulnerable to the CVE-2024-22252 vulnerability. The tweet reads:
We are scanning & sharing VMware ESXi instances which have vulnerabilities that could allow a malicious actor with local admin privileges to escape sandbox protections – vmware.com/security/advis Tagged as "cve-2024-22252". Based on version checks, we see ~16.5K vulnerable.
In the USA are about 1,022 VMware ESXi systems potentially affected.
