Vulnerability Description
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Workstation | >= 15.0.0, < 15.1.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/152946/VMware-Workstation-DLL-Hijacking.htmThird Party Advisory
- http://www.securityfocus.com/bid/108333Third Party AdvisoryVDB Entry
- https://www.vmware.com/security/advisories/VMSA-2019-0007.htmlVendor Advisory
- http://packetstormsecurity.com/files/152946/VMware-Workstation-DLL-Hijacking.htmThird Party Advisory
- http://www.securityfocus.com/bid/108333Third Party AdvisoryVDB Entry
- https://www.vmware.com/security/advisories/VMSA-2019-0007.htmlVendor Advisory
FAQ
What is CVE-2019-5526?
CVE-2019-5526 is a vulnerability with a CVSS score of 7.8 (HIGH). VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with n...
How severe is CVE-2019-5526?
CVE-2019-5526 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-5526?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Workstation.