VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine. About the vulnerabilities VMware ESXi is a bare-metal hypervisor, VMware Workstation and Fusion are desktop hypervisors, and VMware Cloud Foundation is a hybrid cloud platform. CVE-2024-22252 and CVE-2024-22253 affect VMware ESXi, Workstation, and Fusion and are critical use-after-free vulnerabilities in the XHCI … More

The post VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation appeared first on Help Net Security.