Broadcom Reveals Critical VMware Flaws: Code Execution (CVE-2024-22267) and Data Leaks
In a recent security advisory, Broadcom has revealed a series of critical vulnerabilities affecting VMware Workstation and Fusion, popular virtualization software used by businesses and individuals worldwide. These flaws, tracked as CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, and CVE-2024-22270, expose users to a range of threats, including code execution and information disclosure.
A Deep Dive into the Vulnerabilities
The most severe of these vulnerabilities, CVE-2024-22267, is a use-after-free flaw in the vBluetooth device that could allow an attacker with administrative privileges on a virtual machine to execute arbitrary code on the host system. With a CVSS score of 9.3, this flaw poses a significant risk and demands immediate attention.
Other vulnerabilities, though not as critical, still present serious concerns. CVE-2024-22268, a buffer-overflow vulnerability in the Shader functionality, could lead to denial-of-service conditions. Meanwhile, CVE-2024-22269 and CVE-2024-22270 are information disclosure vulnerabilities that could allow attackers to read sensitive information from hypervisor memory.
Impact and Mitigation
These vulnerabilities affect a wide range of VMware Workstation and Fusion versions, putting numerous users at risk. Broadcom has released patches to address these issues, urging users to update their software to the latest versions (Workstation 17.5.2 and Fusion 13.5.2).
In addition to patching, users can refer to VMware knowledge base articles KB91760 and KB59146 for workarounds and further mitigation advice.
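To check a fleet against the fixed releases named above, a version audit can flag hosts still below Workstation 17.5.2 or Fusion 13.5.2. The following is an added example, not code from Broadcom or the advisory. The "host, product, version" inventory format, the host names and the build suffixes are constructed, and treating every release below the fixed one as needing an update is an assumption, since the article does not list the affected version ranges.

```python
import re

# Fixed releases named in the article.
FIXED = {"workstation": (17, 5, 2), "fusion": (13, 5, 2)}

# Constructed sample inventory: host, product, version string.
SAMPLE_INVENTORY = """
ws-lab-01, VMware Workstation Pro, 17.5.1 build-00000000
ws-lab-02, VMware Workstation Pro, 17.5.2
mac-dev-07, VMware Fusion, 13.5.0
mac-dev-08, VMware Fusion, 13.5.2 build-00000000
ws-lab-03, VMware Workstation Pro, unknown
srv-01, Other Hypervisor, 8.0
"""

def parse_version(text):
    """Return (major, minor, patch) from '17.5.1' or '17.5.1 build-...'."""
    m = re.match(r"\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    # Missing components count as 0, so '17.5' compares as (17, 5, 0).
    return tuple(int(g or 0) for g in m.groups())

def classify(product, version):
    """Compare one installation against the fixed release for its product."""
    key = next((k for k in FIXED if k in product.lower()), None)
    if key is None:
        return "not-applicable"
    try:
        found = parse_version(version)
    except ValueError:
        # Unparseable versions are surfaced for manual review, not assumed safe.
        return "unknown-version"
    # Tuple comparison is numeric per component, so 17.10.0 > 17.5.2.
    return "patched" if found >= FIXED[key] else "needs-update"

def audit(inventory):
    """Return a list of (host, status) for every well-formed inventory line."""
    results = []
    for line in inventory.strip().splitlines():
        fields = [f.strip() for f in line.split(",", 2)]
        if len(fields) != 3:
            continue  # skip malformed rows
        host, product, version = fields
        results.append((host, classify(product, version)))
    return results

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```

Hosts reported as "unknown-version" should be checked by hand rather than counted as patched.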