virus logo FortiClient Vulnerability

VMware Fusion CVE-2017-5753 Information Disclosure Vulnerability

description-logoDescription

CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. (Speculative execution is an automatic and inherent CPU performance optimization used in all modern processors. ) ESXi, Workstation and Fusion are vulnerable to Bounds Check Bypass and Branch Target Injection issues resulting from this vulnerability. Result of exploitation may allow for information disclosure from one Virtual Machine to another Virtual Machine that is running on the same host. The remediation listed in the table below is for the known variants of the Bounds Check Bypass and Branch Target Injection issues.

affected-products-logoAffected Applications

VMware Fusion

CVE References

CVE-2017-5753

Other References

http://www.vmware.com/security/advisories/VMSA-2018-0002.html
ID 41573
Created Aug 12, 2018
Description
Updated		 Dec 20, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS MacOS
Vendor VMware
Patch manual
Application VMware Fusion