What is CVE-2024-22253?

CVE-2024-22253 is a critical vulnerability affecting VMware ESXi, Workstation, and Fusion systems. It involves a use-after-free issue in the UHCI USB controller, allowing a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host. This vulnerability is especially severe for Workstation and Fusion and is considered important for ESXi. Users should take necessary precautions to protect their systems.

Who is impacted by CVE-2024-22253?

Specifically, impacted versions include VMware ESXi 8.0 and 7.0, VMware Workstation Pro/Player 17.x, VMware Fusion Pro/Fusion 13.x, and VMware Cloud Foundation 5.x/4.x. If you use any of these products, it's important to be aware of this vulnerability and its potential impact on your systems.

What to do if CVE-2024-22253 affected you

If you're affected by the CVE-2024-22253 vulnerability, it's important to take action to protect your systems. Follow these steps:

1. Update VMware ESXi to version ESXi80U2sb-23305545, ESXi80U1d-23299997, or ESXi70U3p-23307199.

2. Update VMware Workstation to version 17.5.1.

3. Update VMware Fusion to version 13.5.1.

By updating your software to the latest versions, you can help mitigate the risk associated with this vulnerability.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

CVE-2024-22253 is currently awaiting analysis in CISA's Known Exploited Vulnerabilities Catalog. To protect your systems, ensure you update your VMware software to the latest versions as mentioned.

Weakness Enumeration

The weakness enumeration for this vulnerability is "Insufficient Information," indicating a lack of specific details about the vulnerability and its mitigation.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.

• VMware Security Advisory

• CVE Record