CVE-2018-6969
First published: Fri Jul 13 2018(Updated: )
VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing must be enabled.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Tools | <10.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-6969?
CVE-2018-6969 is a vulnerability in VMware Tools (10.x and prior before 10.3.0) that allows attackers to escalate their privileges on the guest VMs or disclose sensitive information.
How severe is CVE-2018-6969?
CVE-2018-6969 has a severity rating of 7 (high).
What is the affected software version of CVE-2018-6969?
The affected software version of CVE-2018-6969 is VMware Tools 10.x and prior before 10.3.0.
How can CVE-2018-6969 be exploited?
CVE-2018-6969 can be exploited by successfully exploiting an out-of-bounds read vulnerability in the HGFS component of VMware Tools, which may allow attackers to escalate privileges or disclose sensitive information.
How do I fix CVE-2018-6969?
To fix CVE-2018-6969, update VMware Tools to version 10.3.0 or later, as this version contains the necessary patches to address the vulnerability.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/remedy
- agent/tags
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/vmware
- canonical/vmware tools