* Remote and local exploitation are feasible on vCenter Server 6.0 and 6.0.0a for Windows. Remote exploitation is not feasible on vCenter Server 6.0.0b (and above) for Windows, but local exploitation is. The possibility of local exploitation can be removed by applying the steps of KB 2145343 to vCenter Server 6.0.0b (and above) for Windows or by updating to vCenter Server 6.0 U2a for Windows.

** See VMSA-2015-0007 for details. vCenter Server 5.5 U3d, 5.1 U3d, and 5.0 U3g running on Windows address CVE-2016-3427 without the need to install the additional patch of KB 2144428 documented in VMSA-2015-0007.

*** vSphere Replication is affected if its vCloud Tunneling Agent is running; the agent is not enabled by default. This agent is used in environments that replicate data between the cloud and an on-premises datacenter.

b. Important VMware Workstation and Player for Windows host privilege escalation vulnerability.



VMware Workstation and Player for Windows do not properly reference one of their executables. This may allow a local attacker on the host to elevate their privileges.



VMware would like to thank Andrew Smith of Sword & Shield Enterprise Security for reporting this issue to us.



The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-2077 to this issue.



Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.