EIP-2026-103034

PRE-CVE

VMware Workstation - ALSA Config File Local Privilege Escalation (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103034. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits a local privilege escalation vulnerability in VMware Workstation Pro and Player on Linux by leveraging an ALSA configuration file to load and execute a malicious shared object as root when launching a virtual machine with an attached sound card.

Description

VMware Workstation - ALSA Config File Local Privilege Escalation (Metasploit)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocallinux

https://www.exploit-db.com/exploits/43449

View Code ZIP pw:eip

This Metasploit module exploits a local privilege escalation vulnerability in VMware Workstation Pro and Player on Linux by leveraging an ALSA configuration file to load and execute a malicious shared object as root when launching a virtual machine with an attached sound card.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: VMware Workstation Pro and Player < 12.5.6

No auth needed

Prerequisites: VMware Workstation Pro or Player installed · gcc installed · ability to write files to a directory

MITRE ATT&CK

T1548.001 - Setuid and Setgid T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026