VYPR
High severity8.8NVD Advisory· Published Dec 20, 2017· Updated Jun 17, 2026

CVE-2017-4941

CVE-2017-4941

Description

VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

91
  • VMware/Fusion2 versions
    cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*range: >=8.0.0,<8.5.9
    • (no CPE)range: 8.x before 8.5.9
  • cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*range: >=12.0.0,<12.5.8
    • (no CPE)range: 12.x before 12.5.8
  • VMware/Esxi87 versions
    cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*+ 86 more
    • cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:5.5:550-20170901001s:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:5.5:550-20170904001:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201706401:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201706402:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201706403:*:*:*:*:*:*
    • cpe:2.3:o:vmware:esxi:6.0:600-201710301:*:*:*:*:*:*
    • (no CPE)range: 6.0 before ESXi600-201711101-SG

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.