VMware Tools < 10.2.0 Program Execution Vulnerability (VMSA-2018-0003) (macOS)
Medium Nessus Plugin ID 105786
SynopsisAn application installed on the remote MacOS / MacOSX host is affected by a code execution vulnerability.
DescriptionThe version of VMware Tools installed on the remote MacOS/MacOSX host is prior to 10.2.0. It is, therefore, affected by an unspecified flaw in VMware Tools related to improper guest access control. This allows a proximate attacker to execute programs via Unity mode on locked Windows VMs.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to VMwware Tools version 10.2.0 or later.