CVE-2018-6983
HIGHVMware Workstation 14.0.0-14.1.5 and Fusion 10.0.0-10.1.5 - Integer Overflow in Virtual Network Devices
Title source: llmDescription
VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.vmware.com/security/advisories/VMSA-2018-0030.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/105986
Scores
CVSS v3
8.8
EPSS
0.0013
EPSS Percentile
31.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
CWE
CWE-190
Status
published
Products (2)
vmware/fusion
10.0.0 - 10.1.5
vmware/workstation
14.0.0 - 14.1.5
Published
Nov 27, 2018
Tracked Since
Feb 18, 2026