ZDI 2026-03-16

ZDI-26-190: (Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

CVE-2025-41238

Machine-generated analysis · WAYSCloud LLM

The vulnerability is a heap-based buffer overflow in VMware Workstation's PVSCSI component, requiring an attacker to already execute high-privileged code within the guest system.

Context

VMware Workstation is affected by a local privilege escalation vulnerability in the PVSCSI driver. The issue is a heap-based buffer overflow that can be triggered by a local attacker with high-privileged code execution in the guest OS. The advisory notes the attacker must already have elevated privileges in the guest to exploit the condition. Worth noting the CVSS score is 8.2, indicating a relatively high impact given the prerequisites.

Operator considerations

Check: VMware Workstation installations using the PVSCSI driver for guest systems where high-privileged code execution is possible.

From Zero Day Initiative ↗

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2025-41238.

Read the full advisory on ZDI →