Intrusion PreventionVMware.Host.Guest.Client.Redirector.DLL.Side.Loading
Description
This indicates an attack attempt against an Insecure Library Loading vulnerability in VMware Tools.
This vulnerability is due to a design flaw in VMware Tools' module when handling DLL loading. The attacker can exploit this to upload malicious DLL file to take control of the affected system by luring a user to open a document in an attacker's share drive.
Affected Products
VMware Tools for Windows version 10.0.5 and prior
VMware workstation Pro version 12.1 and prior
VMware workstation Player version 12.1 and prior
VMware ESXI version 5.0, 5.1, 5.5 and 6.0
VMware Fusion version 8.1 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.vmware.com/in/security/advisories/VMSA-2016-0010.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-06-10 | 14.629 | Severity:medium:high |
| ID | 43155 |
| Created | Oct 04, 2016 |
| Updated | Jun 07, 2019 |
| Risk |
|
| CVE ID | CVE-2016-5330 |
| Exploit Prediction Score | 2.04% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |