Report Incident
× Home Cybertech Africa 2023 2 DPO Rw-CSIRT Website About Rw-CSIRT Alerts Advisories About NCSA Documentation News & Events Topics Contact us Opportunities Privacy Policy

Advisory: VMware Security Advisory

VMware released security updates for its products to address the heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI).
 
Affected Systems
  • VMware ESXi
  • VMware Workstation Pro / Player
  • VMware Fusion Pro
  • VMware Cloud Foundation
 
Security Risks
A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute malicious codes.
 
Recommended Actions
The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:
 
a. Follow VMware advisory to lower risk of vulnerability exploitation.
b. Apply the required and latest security updates as soon as possible.
c. Before any update task, please ensure you have a recent backup that can easily be restored.
 
References
For advisories addressing lower severity vulnerabilities, see VMware Security advisories:
 
For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

20 December 2022

© 2024 National Cyber Security Authority