The Pakistan Telecommunication Authority (PTA) has issued a Cyber Security Advisory about serious security problems in VMware Workstation and Fusion software.
Three major vulnerabilities, identified as CVE-2024-22267, CVE-2024-22268, and CVE-2024-22269, have been discovered. These vulnerabilities are very dangerous because they allow attackers to run harmful code, cause software crashes, and access private information. If these issues are exploited, it could lead to the software not working properly, losing access to important data, and revealing sensitive information.
The PTA’s advisory explains that the security issues affect VMware Workstation version 17.5.1 and VMware Fusion version 13.5.1. These issues involve a high-risk type of attack known as a buffer overflow, which could be exploited by attackers.
The PTA strongly advises all users and system administrators to immediately update to the latest versions of VMware Workstation and VMware Fusion. These updated versions include fixes for the identified security problems.
Users should also be cautious and avoid opening any suspicious virtual machines or files that could be designed to exploit these vulnerabilities.
The advisory recommends that organizations check their systems for these security issues and quickly apply any necessary security patches or fixes. Additionally, it is suggested that they use strong monitoring tools to detect any unusual activities or attempts to exploit these vulnerabilities.
