CVE-2017-15884

CVE-2017-15884

EPSS 0.9%

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://m4.rkw.io/blog/cve201715884-local-root-privesc-in-hashicorp-vagrantvmwarefusion-500.html https://www.exploit-db.com/exploits/43222/