CVE-2019-5526
First published: Wed May 15 2019(Updated: )
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Workstation | >=15.0.0<15.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-5526?
CVE-2019-5526 is a vulnerability in VMware Workstation where some DLL files are improperly loaded by the application, allowing attackers to escalate their privileges on a Windows host.
What is the severity of CVE-2019-5526?
CVE-2019-5526 has a severity rating of 7.8 (critical).
How does CVE-2019-5526 affect VMware Workstation?
CVE-2019-5526 affects VMware Workstation versions 15.x before 15.1.0.
How can this vulnerability be exploited?
This vulnerability can be exploited by attackers with normal user privileges to escalate their privileges to administrator on a Windows host.
Where can I find more information about CVE-2019-5526?
More information about CVE-2019-5526 can be found at the following references: [1](http://packetstormsecurity.com/files/152946/VMware-Workstation-DLL-Hijacking.html), [2](http://www.securityfocus.com/bid/108333), [3](https://www.vmware.com/security/advisories/VMSA-2019-0007.html).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- vendor/vmware
- canonical/vmware workstation
- version/vmware workstation/15.0.0