Port-based I/O Operations Vulnerability in VMware ESXi and ESX

Port-based I/O Operations Vulnerability in VMware ESXi and ESX

CVE-2012-1515 · HIGH Severity

AV:A/AC:L/AU:N/C:C/I:C/A:C

VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.

Learn more about our User Device Pen Test.