Home

CVE-2017-4925

Description

VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.19

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.0.0Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.0.1Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.0.2Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.1.0Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.0Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.1Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.2Mac
Multiple Vulnerabilities are affected in VMware Fusion for MAC 8.5.3Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234