Uninitialized Stack Memory Usage in VMware Virtual Network Adapter Allows Guest-to-Host Code Execution

Uninitialized Stack Memory Usage in VMware Virtual Network Adapter Allows Guest-to-Host Code Execution

CVE-2018-6981 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host.

Learn more about our Network Penetration Testing.