CVE-2019-5512
HIGHVMware Workstation <15.0.3-14.1.6 - Privilege Escalation
Title source: llmDescription
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle COM classes appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textlocalwindows
https://www.exploit-db.com/exploits/46601
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.vmware.com/security/advisories/VMSA-2019-0002.html
Scores
CVSS v3
8.8
EPSS
0.0031
EPSS Percentile
53.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Details
Status
published
Products (1)
vmware/workstation
14.0.0 - 14.1.6
Published
Apr 09, 2019
Tracked Since
Feb 18, 2026