The Cabinet Division has issued a Cyber Security Advisory regarding vulnerabilities in VMWare Workstation and Fusion.
The advisory highlights several critical issues that have been identified and addressed by VMWare through recent upgrades. Users are urged to update their software to mitigate potential risks.
According to the advisory, multiple vulnerabilities have been identified. These include CVE-2024-22267, a use-after-free vulnerability that allows an attacker with local administrative privileges to execute arbitrary code on the host system. Additionally, CVE-2024-22268, a heap buffer overflow vulnerability, can lead to a denial-of-service condition. CVE-2024-22269 and CVE-2024-22270 are information disclosure vulnerabilities that permit an attacker to access privileged data with local administrative privileges.
The Cabinet Division has recommended that users apply the necessary security patches by upgrading VMWare Workstation to version 17.5.2 or later and Fusion to version 13.5.2 or later. According to the Cabinet Division, these updates are crucial for maintaining the security and integrity of systems running the affected software.
The advisory has asked the Federal and provincial governments, ministries, and divisions to disseminate this information to all relevant organizations and departments. Ensuring that these entities implement the necessary protective measures is vital to safeguard against potential cyber threats posed by these vulnerabilities.
Get the latest tech news, telecom insights, and product launches wherever you prefer.
Add ProPakistani to Preferred Sources and see more of our stories in Google Search and Top Stories.