QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2019-5519

Back to search

CVE-2019-5519

Published: Apr 1, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.

VendorProductVersions

VMware

VMware ESXi, Workstation, Fusion

affected
ESXi 6.7 before ESXi670-201903001
affected
ESXi 6.5 before ESXi650-201903001
affected
ESXi 6.0 before ESXi600-201903001
affected
Workstation 15.x before 15.0.4
affected
Workstation 14.x before 14.1.7

+2 more versions

References

107535
vdb-entry
x_refsource_BID
108443
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now