Severity by source
AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.
AnalysisAI
VMware Workstation 25H1 and earlier contains an out-of-bounds write vulnerability that allows unprivileged guest VM users to crash specific Workstation processes. The vulnerability requires user interaction and does not enable privilege escalation or data theft, making it suitable for denial-of-service attacks against the host virtualization platform. No patch is currently available for this medium-severity flaw.
Technical ContextAI
Classified as CWE-787 (Out-of-bounds Write). Affects VMware Workstation 25H1 and below on any platform. Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.
Affected ProductsAI
Product: VMware Workstation 25H1 and below on any platform.
RemediationAI
Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.
Same weakness CWE-787 – Out-of-bounds Write
View allShare
External POC / Exploit Code
Leaving vuln.today