VMware Fusion 10.x < 10.1.4 / 11.x < 11.0.1 vmxnet3 Guest-to-Host Code Execution Vulnerability (VMSA-2018-0027) (macOS)
High Nessus Plugin ID 118884
SynopsisA virtualization application installed on the remote macOS or Mac OS X host is affected by an uninitialized stack memory usage vulnerability.
DescriptionThe version of VMware Fusion installed on the remote macOS or Mac OS X host is 10.x prior to 10.1.4 or 11.x prior to 11.0.1. It is, therefore, affected by an uninitialized stack memory usage vulnerability in the vmxnet3 network adapter. An attacker with access to a guest system may be able to execute code on the host system by leveraging this vulnerability.
SolutionUpgrade to VMware Fusion version 10.1.4, 11.0.1, or later.