Opened The word from
If you didn’t sign up for the newsletter, I strongly recommend it - always great content for a Monday morning. You can get it by registering af https://forums.veeam.com too.
The CD-ROM device emulation in VMware Workstation, Fusion and ESXi has a heap-overflow vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.7.
Known Attack Vectors
A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine.