CVE-2017-4898
VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed.
| Software | From | Fixed in |
|---|---|---|
| vmware / workstation_player | 12.0.0 | 12.0.0.x |
| vmware / workstation_player | 12.5.1 | 12.5.1.x |
| vmware / workstation_pro | 12.5.2 | 12.5.2.x |
| vmware / workstation_pro | 12.0.1 | 12.0.1.x |
| vmware / workstation_player | 12.5.2 | 12.5.2.x |
| vmware / workstation_pro | 12.1.0 | 12.1.0.x |
| vmware / workstation_pro | 12.5.1 | 12.5.1.x |
| vmware / workstation_player | 12.1.0 | 12.1.0.x |
| vmware / workstation_player | 12.0.1 | 12.0.1.x |
| vmware / workstation_pro | 12.5.0 | 12.5.0.x |
| vmware / workstation_player | 12.5.0 | 12.5.0.x |
| vmware / workstation_pro | 12.0.0 | 12.0.0.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime