The attack works against older Windows-based guest operating systems

Dec 4, 2013 09:04 GMT  ·  By

Certain versions of VMware’s Workstation, Fusion, ESX and ESXi products are impacted by a vulnerability in the Lgtosync.sys driver that could be leveraged for privilege escalation on older Windows-based guest operating systems.

The company has released patches to address the issue. According to a security advisory, Workstation 9.x prior to version 9.0.3, Player 5.x prior to version 5.0.3, and Fusion 5.x prior to version 5.0.4 are affected.

ESXi 4.0, 4.1, 5.0 and 5.1 without a certain patch are also vulnerable to attacks. The same goes for unpatched versions of ESX 4.0 and 4.1.

A local attacker can exploit the security hole to manipulate memory allocation in order to escalate privileges on 32-bit guest operating systems running Windows XP, Windows 2000 Server or Windows 2003 Server on ESX and ESXi, or Windows XP on Fusion and Workstation.

The vulnerability, CVE-2013-3519, has been reported by Derek Soeder of Cylance.