VMware fixes three zero-day bugs exploited at Pwn2Own 2024

VMware fixes three zero-day bugs exploited at Pwn2Own 2024


VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest.

The most severe flaw patched today is CVE-2024-22267, a use-after-free flaw in the vbluetooth device demoed by the STAR Labs SG and Theori teams.

“A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the…



Source link