Today VMware has released the following new security advisory:

VMSA-2017-0021VMware ESXi, vCenter Server Appliance, Workstation and Fusion updates address multiple security vulnerabilities

This documents the remediation of four Important severity issues (CVE-2017-4933, CVE-2017-4940, CVE-2017-4941, and CVE-2017-4943). These issues affect VMware ESXi, VMware Workstation, VMware Fusion and VMware vCenter Server Appliance.

Issues (a) CVE-2017-4941 and (b) CVE-2017-4933 are stack overflow and heap overflow vulnerabilities respectively. Successful exploitation of these issues could result in remote code execution in a virtual machine via the authenticated VNC session. These issues affect VMware ESXi, Workstation, and Fusion. In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine’s .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.

Issue (c) CVE-2017-4940 is a stored cross-site scripting vulnerability and affects the ESXi Host Client. An attacker can exploit this vulnerability by injecting JavaScript, which might get executed when other users access the Host Client. Please refer to VMSA-2017-0021 for ESXi 6.5, 6.0 and 5.5 patches.

Issue (d) CVE-2017-4943 is a privilege escalation vulnerability via the ‘showlog’ plugin in vCenter Server Appliance (vCSA). Successful exploitation of this issue could result in a low privileged user gaining root level privileges over the appliance base OS. This issue affects only vCSA 6.5.

We would like to thank Alain Homewood of Insomnia Security, Lukasz Plonka, Lilith Wyatt and another member of Cisco Talos for reporting these issues to us.

Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.

Customers should review the security advisories and direct any questions to VMware Support.