Home / Early Warning / Vulnerabilidades / CVE-2021-21997

CVE-2021-21997

Type: 
Unavailable / Other
Severity: 
Medium
Publication date: 
06/18/2021
Last modified: 
06/24/2021
Description
VMware Tools for Windows (11.x.y prior to 11.3.0) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest operating system.
Impact
Access Vector: Local
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: No impact on system integrity + No impact on system confidentiality + Total commitment on system availability
Vulnerable software and versions
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields