CVE-2019-5511

VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle paths appropriately. Successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
vmwareworkstation
14.0.0 ≤
𝑥
< 14.1.6
vmwareworkstation
15.0.0 ≤
𝑥
< 15.0.3
𝑥
= Vulnerable software versions
References
https://www.vmware.com/security/advisories/VMSA-2019-0002.html
https://www.vmware.com/security/advisories/VMSA-2019-0002.html