CVE-2021-22040 vulnerability in VMware Products
Published on February 16, 2022

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

NVD

Products Associated with CVE-2021-22040

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-22040 are published in these products:

VMware Cloud Foundation

VMware Fusion

VMware Workstation Player

VMware Workstation Pro

VMware ESXi

Exploit Probability

EPSS

0.66%

Percentile

70.84%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-22040 vulnerability in VMware ProductsPublished on February 16, 2022

Products Associated with CVE-2021-22040

Exploit Probability

CVE-2021-22040 vulnerability in VMware Products
Published on February 16, 2022