ASA-2019-00137 – VMware: The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2019-00137

Identifier(s)

ASA-2019-00137, CVE-2019-5511, VMSA-2019-0002

Title

The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege

Vendor(s)

VMware

Product(s)

VMware Workstation Pro
VMware Workstation Player

Affected version(s)

VMware Workstation Pro 15.x for Windows
VMware Workstation Pro 14.x for Windows
VMware Workstation Player 15.x for Windows
VMware Workstation Player 14.x for Windows

Fixed version(s)

VMware Workstation Pro 15.0.3
VMware Workstation Pro 14.1.6
VMware Workstation Player 15.0.3
VMware Workstation Player 14.1.6

Proof of concept

Unknown

Description

Workstation does not handle paths appropriately. Successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege.

Technical details

Unknown

Credits

James Forshaw (Google Project Zero)

Reference(s)

VMSA-2019-0002
https://www.vmware.com/security/advisories/VMSA-2019-0002.html

NEW: VMSA-2019-0002 – VMware Workstation update addresses elevation of privilege issues.
https://seclists.org/bugtraq/2019/Mar/20

[Security-announce] NEW: VMSA-2019-0002 – VMware Workstation update addresses elevation of privilege issues.
https://lists.vmware.com/pipermail/security-announce/2019/000451.html

CVE-2019-5511
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5511

CVE-2019-5511
https://nvd.nist.gov/vuln/detail/CVE-2019-5511

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: March 15, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.