VMware Fusion 6.x < 6.0.3 Windows 8.1 Guest Privilege Escalation (VMSA-2014-0005)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote host has a virtualization application that is affected by a
privilege escalation vulnerability.

Description :

The version of VMware Fusion installed on the remote Mac OS X host is
version 6.x prior to 6.0.3. It is, therefore, reportedly affected by a
privilege escalation vulnerability.

A kernel NULL dereference flaw exists in VMware tools on Windows 8.1
guest hosts. An attacker could escalate his privileges on the guest

Note that successful exploitation of the vulnerability does not allow
privilege escalation from the guest host to the host system.

See also :


Solution :

Upgrade to VMware Fusion 6.0.3 or later.

Risk factor :

High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.3
Public Exploit Available : false

Family: MacOS X Local Security Checks

Nessus Plugin ID: 74263 ()

Bugtraq ID: 67737

CVE ID: CVE-2014-3793

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial