CVSS 3.1 Score 7.1 of 10 (high)


Published Mar 5, 2024


CVE-2024-22255 is an information disclosure vulnerability found in VMware ESXi, Workstation, and Fusion. This vulnerability is related to the UHCI USB controller and allows a malicious actor with administrative access to a virtual machine to exploit it and leak memory from the vmx process. The risk score for this vulnerability is 40, indicating a high severity. The base severity score is 7.1, with a confidentiality impact of HIGH. The exploitability score is 2.5, with an attack vector of LOCAL and no privileges required. To mitigate this vulnerability, users should update their VMware products to the latest version provided by the vendor.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-22255 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options