Vulnerabilities

CVE-2024-22252, 22253, 22254 & 22255 VMWare sandbox escape flaws in ESXi, Workstation, and Fusion

This advisory is for organizations that use VMWare ESXi, Workstation, Fusion, and Cloud Foundation products.  If your organization does not use these VMWare products, this notification may be discarded.

 

Summary

VMWare has released security updates to address critical vulnerabilities in VMWare ESXi, Workstation, Fusion, and Cloud Foundation.  The vulnerability could potentially allow an attacker to chain vulnerabilities and after gaining local administrative privileges to a virtual machine, escape sandbox mitigations and execute code as the VMX process to access the underlying operating systems and/or other VMs operating on the hypervisor.

Affected Platforms

Product

Version

Running On

CVE Identifier

CVSSv3

Severity

Fixed Version

Workarounds

ESXi

8

Any

CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255

8.4, 8.4, 7.9, 7.1

Critical

ESXi80U2sb-23305545

KB96682

ESXi

8

Any

CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255

8.4, 8.4, 7.9, 7.1

Critical

ESXi80U1d-23299997

KB96682

ESXi

7

Any

CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255

8.4, 8.4, 7.9, 7.1

Critical

ESXi70U3p-23307199

KB96682

Workstation

17.x

Any

CVE-2024-22252, CVE-2024-22253, CVE-2024-22255

9.3, 9.3, 7.1

Critical

17.5.1

KB96682

Fusion

13.x

MacOS

CVE-2024-22252, CVE-2024-22253, CVE-2024-22255

9.3, 9.3, 7.1

Critical

13.5.1

KB96682

Cloud Foundation (ESXi)

5.x/4.x

Any

CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255

8.4, 8.4, 7.9, 7.1

Critical

KB88287

KB96682

Additionally, VMware has made security fixes available for older ESXi versions (6.7U3u), 6.5 (6.5U3v), and VCF 3.x due to the vulnerabilities' severity.

Mitigations

A practical workaround to mitigate CVE-2024-22252, CVE-2024-22253, and CVE-2024-22255 is to remove USB controllers from virtual machines following the instructions provided by the vendor. Note that this may impact keyboard, mouse, and USB stick connectivity in some configurations.

Additional Resources

https://www.vmware.com/security/advisories/VMSA-2024-0006.html

https://www.bleepingcomputer.com/news/security/vmware-fixes-critical-sandbox-escape-flaws-in-esxi-workstation-and-fusion/