5.9
CVE-2024-22251
- EPSS 0.06%
- Veröffentlicht 29.02.2024 01:44:05
- Zuletzt bearbeitet 10.06.2025 19:33:10
- Quelle security@vmware.com
- CVE-Watchlists
- Unerledigt
LoginOut-of-bounds read vulnerability
VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.194 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
| security@vmware.com | 5.9 | 1.4 | 4 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.