Actu
Vigil@nce - VMware Workstation and Player on MS-Windows: privilege escalation via missing ACLs
September 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can make profit of the miss of ACL in VMware
Workstation, in order to escalate his privileges.
– Impacted products: VMware Player, VMware Workstation.
– Severity: 2/4.
– Creation date: 10/07/2015.
DESCRIPTION OF THE VULNERABILITY
The VMware Workstation product is a virtualization tool.
A virtual machine is, as far as the Windows kernel knows, is an
ordinary process. However, one of the programs of the
virtualization layer does not define permissions where it should
do. This allows an attacker to inject code into one of these
processes, which typically run with hight privileges.
An attacker can therefore make profit of the miss of ACL in VMware
Workstation, in order to escalate his privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
