Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-22251

VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure.

  • Published: Feb 29, 2024
  • Updated: Jun 11, 2025
  • CVE: CVE-2024-22251
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.4
  • AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
vmware / workstation 17.0 17.5.1
vmware / fusion 13.0.0 13.5.1