The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.

The remote VMware ESXi 6.0 host is prior to build 3380124. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

The remote VMware ESXi 5.5 host is prior to build 3248547. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

The remote VMware ESXi 5.1 host is prior to build 3070626. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

The remote VMware ESXi 5.0 host is prior to build 3086167. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

The version of VMware Workstation installed on the remote host is 11.x prior to 11.1.2. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

The version of VMware Player installed on the remote host is 7.x prior to 7.1.2. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

The version of VMware Player installed on the remote host is version 7.x prior to 7.1.2. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

The version of VMware Fusion installed on the remote Mac OS X host is 7.x prior to 7.1.2. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.

Important Windows-based guest privilege escalation in VMware Tools

A kernel memory corruption vulnerability is present in the VMware Tools 'Shared Folders' (HGFS) feature running on Microsoft Windows. Successful exploitation of this issue could lead to an escalation of privilege in the guest operating system.

VMware would like to thank Dmitry Janushkevich from the Secunia Research Team for reporting this issue to us.

Note: This vulnerability does not allow for privilege escalation from the guest operating system to the host. Host memory can not be manipulated from the guest operating system by exploiting this flaw.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-6933 to this issue.

Workarounds Removing the 'Shared Folders' (HGFS) feature from previously installed VMware Tools will remove the possibility of exploitation.

ID	Name	Product	Family	Severity
87943	ESXi 6.0 < Build 3380124 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)	Nessus	Misc.	medium
87942	ESXi 5.5 < Build 3248547 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)	Nessus	Misc.	medium
87941	ESXi 5.1 < Build 3070626 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)	Nessus	Misc.	medium
87940	ESXi 5.0 < Build 3086167 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)	Nessus	Misc.	medium
87928	VMware Workstation 11.x < 11.1.2 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001)	Nessus	Windows	medium
87927	VMware Workstation 11.x < 11.1.2 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (Linux)	Nessus	General	medium
87926	VMware Player 7.x < 7.1.2 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001)	Nessus	Windows	medium
87925	VMware Player 7.x < 7.1.2 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (Linux)	Nessus	General	medium
87924	VMware Fusion 7.x < 7.1.2 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001)	Nessus	MacOS X Local Security Checks	medium
87889	VMSA-2016-0001 : VMware ESXi, Workstation, Player, and Fusion updates address important guest privilege escalation vulnerability	Nessus	VMware ESX Local Security Checks	medium

Detections

Analytics

CVE-2015-6933

medium

Tenable Plugins

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium