

CVE-2024-4947 – Google Chrome Zero-Day Vulnerability Exploit in the Wild
May 16, 2024
Critical Vulnerabilities in Cacti Framework Could Allow Attackers to Run Malicious Code
May 16, 2024
CVE-2024-4947 – Google Chrome Zero-Day Vulnerability Exploit in the Wild
May 16, 2024
Critical Vulnerabilities in Cacti Framework Could Allow Attackers to Run Malicious Code
May 16, 2024Severity
High
Analysis Summary
CVE-2024-22270
VMware Workstation and Fusion could allow a local attacker to obtain sensitive information, caused by an error in the Host Guest File Sharing (HGFS) functionality. By sending a specially crafted request, a local attacker could exploit this vulnerability to read privileged information contained in hypervisor memory from a virtual machine.
Impact
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-22270
Affected Vendors
Affected Products
- VMware Workstation 17.5.1VMware Fusion 13.5.1
Remediation
Upgrade to the latest version of VMware Workstation and Fusion, available from the VMware Website.