Mitigating the TALOS-2017-0376 vulnerability for VNC enabled virtual machines on VMware Workstation 12.x and Fusion 8.x
search cancel

Mitigating the TALOS-2017-0376 vulnerability for VNC enabled virtual machines on VMware Workstation 12.x and Fusion 8.x

book

Article ID: 324880

calendar_today

Updated On:

Products

VMware VMware Desktop Hypervisor

Issue/Introduction

This article provides information on how to enable VNC authentication to prevent Denial of Service vulnerability when using VNC on VMware Workstation Pro 12.x and VMware Fusion 8.x.

Environment

VMware Workstation Player 12.x
VMware Fusion 8.x

Cause

VMware Workstation and Fusion contain a Denial-of-Service vulnerability which can be triggered by opening a large number of VNC sessions.This security issue TALOS-2017-0376 is only exploitable when VNC is enabled. The common vulnerabilities and exposures project (cve.mitre.org) has assigned the identifier CVE-2018-6957 to this issue.

Resolution

To resolve this issue for a VNC enabled virtual machine, configure a VNC authentication password.

Workaround:
To workaround this issue:
  • For VMware Workstation 12.x: 
  1. From the VMware Workstation Menu bar, select virtual machine > Settings.
  2. Click the Options tab.
  3. Select VNC Connections from the list.
  4. Configure a password for the VNC connection.
  • For VMware Fusion 8.x
  1. From the VMware Fusion Menu bar, select virtual machine > Settings.
  2. Click Advanced.
  3. Select Remote Display over VNC.
  4. Configure a password for the VNC connection.


Additional Information

Discovered by Lilith Wyatt of Cisco Talos
http://talosintelligence.com/vulnerability-reports/

Powered by Wolken Software