VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.
2017-06-07T18:29:00.317
2025-04-20T01:37:25.860
Deferred
CVSSv3.1: 8.8 (HIGH)
AV:L/AC:L/Au:N/C:C/I:C/A:C
3.9
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | vmware | workstation_player | < 12.5.5 | Yes |
| Application | vmware | workstation_pro | < 12.5.5 | Yes |
| Operating System | vmware | esxi | 5.5 | Yes |
| Operating System | vmware | esxi | 5.5 | Yes |
| Operating System | vmware | esxi | 5.5 | Yes |
| Operating System | vmware | esxi | 5.5 | Yes |
| Operating System | vmware | esxi | 5.5 | Yes |
| Operating System | vmware | esxi | 6.5 | Yes |
| Operating System | vmware | esxi | 6.5 | Yes |
| Operating System | vmware | esxi | 6.5 | Yes |
| Operating System | vmware | esxi | 6.5 | Yes |
| Application | vmware | fusion | < 8.5.6 | Yes |
| Application | vmware | fusion_pro | < 8.5.6 | Yes |
| Operating System | apple | mac_os_x | - | No |