CVE-2019-5526

CVE Database · CVE-2019-5526

CVE-2019-5526

· N/AModified

CVSS v3.1

N/A

EPSS

9.21%

Published

May 15, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (2)

All weaponized →

Exploit-DBVMware Workstation 15.1.0 - DLL Hijacking TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed.

Weaknesses (CWE)

CWE-427

Affected Products (1)

vmware · workstation (up to 15.1.0)vulnerable

References (6)

http://packetstormsecurity.com/files/152946/VMware-Workstation-DLL-Hijacking.html

Third Party Advisory

http://www.securityfocus.com/bid/108333

Third Party AdvisoryVDB Entry

https://www.vmware.com/security/advisories/VMSA-2019-0007.html

Vendor Advisory