vulnerability

VMware VMware Tools: CVE-2019-5522: VMware Tools for Windows out of bounds read vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:L/Au:N/C:P/I:N/A:P)	Jun 6, 2019	Jun 3, 2025	Aug 20, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:P)

Published

Jun 6, 2019

Added

Jun 3, 2025

Modified

Aug 20, 2025

Description

VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. This issue is present in versions 10.2.x and 10.3.x prior to 10.3.10. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1.

Solution

vmware-tools-upgrade-latest

References

URL-https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23554
CVE-2019-5522
https://attackerkb.com/topics/CVE-2019-5522
CWE-125

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today