Broadcom warned today that a trio of VMware zero days are being exploited in the wild – and can be used to “escape” from a virtual machine (VM) to the underlying hypervisor itself, with root privileges.
Yes, that’s a “yikes.” That’s potentially a hacker going from compromising a meagre single VM to your entire VMware private cloud.
Moderately less “yikes” is the fact that to exploit them an attacker would already need local administrative privileges on a guest operating…
Article Source
https://www.thestack.technology/vmware-critical-vm-escape-zero-days-exploited-in-wild/
