CVE-2019-5511

EUVD-2019-15086
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle paths appropriately. Successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
vmwareworkstation
14.0.0 ≤
𝑥
< 14.1.6
vmwareworkstation
15.0.0 ≤
𝑥
< 15.0.3
𝑥
= Vulnerable software versions
References
https://www.vmware.com/security/advisories/VMSA-2019-0002.html
https://www.vmware.com/security/advisories/VMSA-2019-0002.html