A large number of vulnerabilities have been found in VMware products, and all of them have been reported. Through these vulnerabilities, an attacker can easily exploit a user's system by conducting cross-site scripting (XSS) attacks, gaining elevated privileges, or executing arbitrary code.
Let's look at these vulnerabilities in detail:
1. Cross-Site Scripting Vulnerability (CVE-2017-4940) – Cross-site scripting (XSS) is a client-side code injection attack in which an attacker injects malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is among the most rampant web application vulnerabilities and occurs when a web application uses unvalidated or unencoded user input in the output it generates.
With XSS, an attacker does not target a victim directly. Instead, the attacker exploits a vulnerability in a website or web application that the victim visits, essentially using the vulnerable website as a vehicle to deliver a malicious script to the victim’s browser.
This vulnerability exists in the ESXi host client because HTML code provided by the user is not properly validated.
2. Privilege Escalation Vulnerability (CVE-2017-4943) – This vulnerability is due to improper handling and execution of files by the WER feature of the affected software. An attacker could exploit this vulnerability by accessing the system with valid credentials and executing an application that is designed to submit malicious input. An exploit could allow the attacker to gain elevated privileges on the system, which could be used to access sensitive information or other system functionality.
3. Remote Code Execution Vulnerability (CVE-2017-4933, CVE-2017-4941) – Remote code execution is the ability an attacker has to access someone else’s computing device and make changes, no matter where the device is geographically located. Vulnerabilities can provide an attacker with the ability to execute malicious code and take complete control of an affected system with the privileges of the user running the application. After gaining access to the system, attackers will often attempt to elevate their privileges.
Affected products and versions:
VMware Fusion versions 8.x, 10.x
VMware ESXi versions 5.5, 6.0, 6.5
VMware Workstation versions 14.x, 12.x
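To illustrate the XSS root cause described in item 1 (user input used unencoded in generated output), here is an added example that is not VMware's code and not from the original page. The "VM note" field, the function names and the sample inputs are all hypothetical and constructed for illustration; it compares an unencoded render with one that encodes at the point of output.

```javascript
// Added example: a hypothetical "VM note" field rendered into a management page.
// None of these names come from VMware's code; sample inputs are constructed.

// Characters that are significant in HTML text and quoted attribute values.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Single-pass encoding, so an '&' produced by one replacement is never re-encoded.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable pattern: user input is concatenated into the output unencoded.
function renderNoteUnsafe(note) {
  return '<td class="note" title="' + note + '">' + note + '</td>';
}

// Hardened pattern: every interpolated value is encoded where it is written out.
function renderNoteSafe(note) {
  const encoded = encodeHtml(note);
  return '<td class="note" title="' + encoded + '">' + encoded + '</td>';
}

// The template should always yield exactly one <td> with one title attribute.
// If user input added tags or broke out of the attribute, this shape no longer matches.
const EXPECTED_SHAPE = /^<td class="note" title="[^"<>]*">[^<>]*<\/td>$/;

function structureIntact(html) {
  return EXPECTED_SHAPE.test(html);
}

// Render each sample both ways and report whether the page structure survived.
function compare(samples) {
  return samples.map((input) => ({
    input,
    unsafeIntact: structureIntact(renderNoteUnsafe(input)),
    safeIntact: structureIntact(renderNoteSafe(input)),
  }));
}

// Constructed sample inputs: plain text, a tag, and an attribute breakout.
const SAMPLES = [
  'backup host',
  '<script>alert(1)</script>',
  '" onmouseover="alert(1)',
];

console.table(compare(SAMPLES));
```

The same structural check can be used as a regression test on rendered output: any input that changes the element or attribute count means an interpolation point is missing its encoding.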