Lucene search
VmwareCVELIST:CVE-2024-22254HistoryMar 05, 2024 - 5:58 p.m.
CVE-2024-22254 Out-of-bounds write vulnerability
2024-03-0517:58:24
vmware
www.cve.org
4
vmware
esxi
out-of-bounds write
vulnerability
sandbox escape
CVSS3
7.9
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
AI Score
8
Confidence
High
EPSS
0
Percentile
9.0%
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U2sb-23305545",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U1d-23299997",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3p-23307199",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
]Related
nvd
nvd
CVE-2024-22254
2024-03-05 18:15:48
vulnrichment
vulnrichment
CVE-2024-22254 Out-of-bounds write vulnerability
2024-03-05 17:58:24
cve
cve
CVE-2024-22254
2024-03-05 18:15:48
prion
prion
Design/Logic Flaw
2024-03-05 18:15:00
malwarebytes
malwarebytes
nessus
nessus
VMware Workstation 17.0.x < 17.5.1 Multiple Vulnerabilities (VMSA-2024-0006)
2024-03-05 00:00:00
VMware ESXi 7.0 / 8.0 Multiple Vulnerabilities (VMSA-2024-0006)
2024-03-07 00:00:00
VMware Fusion 13.0.x < 13.5.1 Multiple Vulnerabilities (VMSA-2024-0006)
2024-03-05 00:00:00
thn
thn
VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws
2024-03-06 07:20:00
vmware
vmware
hivepro
hivepro
Critical VMware Vulnerabilities Leading To Sandbox Escape
2024-03-11 09:51:13
CVSS3
7.9
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
AI Score
8
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2024-22254