Critical ESXi Sandbox Escape Vulnerabilities Addressed by VMware in Urgent Updates

March 5, 2024

VMware, a renowned name in the field of virtualization, has urgently rolled out updates to mitigate critical ESXi sandbox escape vulnerabilities present in its ESXi, Workstation, Fusion, and Cloud Foundation offerings. The most severe of these vulnerabilities could potentially be leveraged by an attacker who has local admin privileges on a virtual machine. This could lead to the execution of code as the VMX process of the virtual machine, which is running on the host.

The most critical vulnerabilities identified are the Use-after-free vulnerability in XHCI USB controller flaw (CVE-2024-22252) and the Use-after-free vulnerability in UHCI USB controller (CVE-2024-22253). Both of these vulnerabilities have been given a CVSS score of 9.3, indicating their severity.

As per the advisory on CVE-2024-22252, 'VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.'

The advisory on CVE-2024-22253 states, 'VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.'

In addition to these, the company has also addressed two other vulnerabilities.

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.