Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

VMSA-2019-0014: VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial-of-service vulnerabilities. (CVE-2019-5527)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 8, 2019
Added
Oct 8, 2019
Modified
Oct 7, 2025

Description

ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.

Solutions

vmware-esxi60-upgrade-14513180vmware-esxi65-upgrade-13004031vmware-esxi67-upgrade-13006603
Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.