This script is Copyright (C) 2017 Tenable Network Security, Inc.
A virtualization application installed on the remote Windows host is
affected by multiple vulnerabilities.
The version of VMware Workstation installed on the remote Windows host
is 12.x prior to 12.5.7. It is, therefore, affected by the following
- A remote code execution vulnerability exists in VMware
workstation within the SVGA device. An attacker with
user access can exploit this to execute arbitrary
- A denial of service vulnerability exists in VMware
workstation due to a NULL pointer deference when
handling guest RPC requests. An attacker with guest
access can exploit this to crash their VMs.
NOTE: This vulnerability only affects VMware
Workstation 12.5.2 and below. (CVE-2017-4925)
See also :
Upgrade to VMware Workstation version 12.5.7 or later.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.0
Public Exploit Available : false