CVE-2019-5526

high

Description

VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed.

References

https://www.vmware.com/security/advisories/VMSA-2019-0007.html

http://www.securityfocus.com/bid/108333

http://packetstormsecurity.com/files/152946/VMware-Workstation-DLL-Hijacking.html

Details

Source: Mitre, NVD

Published: 2019-05-15

Updated: 2020-08-24

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High