VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the “vmware-vmx” process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.
[
{
"product": "Workstation Pro/Player",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x prior to version 12.5.3"
}
]
}
]