VMware Tools update addresses an out-of-bounds read vulnerability

VMware Tools Shared Folders out-of-bounds read vulnerability

VMware Tools for Windows contains an out-of-bounds read vulnerability in the Shared Folders feature. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs.

Note: In order to be able to exploit this issue, Shared Folders feature must be enabled. This issue only affects Windows VMs running on VMware Workstation or Fusion. Products that do not allow the Shared Folders feature to be enabled are not affected.

VMware would like to thank Anurudh for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2018-6969 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.