Today VMware has released the following new security advisory:
The advisory documents CVE-2013-5973 “VMware ESXi and ESX unauthorized file access through vCenter Server and ESX”. This issue may allow certain unprivileged users on vCenter Server access to arbitrary files on ESXi/ESX and may allow local unprivileged users on ESX (i.e. ESX 4.0 and ESX 4.1) access to arbitrary files. Modification of files on ESXi or ESX may allow for code execution after a host reboot.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.
Customers should review the security advisory and direct any questions to VMware Support.