CVE-2026-22715 VMWARE — Exploit & Vulnerability Details MEDIUM

CVE-2026-22715

MEDIUM CVSS 3.1: 5.9 EPSS 0.03%

Parameter	Value
CVSS	5.9 (MEDIUM)
Type	CWE-923
Vendor	VMWARE
Public PoC	No

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715 please upgrade to VMware Workstation or Fusion Version 25H2U1

Attack Parameters

Attack Vector

Adjacent

Нужен доступ к локальной сети

Attack Complexity

High

Сложно эксплуатировать

Privileges Required

None

Права не нужны

User Interaction

None

Не нужно действие пользователя

Impact Assessment

Confidentiality

None

Нет утечки данных

Integrity

High

Полная модификация данных

Availability

Low

Частичное нарушение работы

CVSS Vector v3.1

Weakness Type (CWE)

CWE-923

References 1

https://support.broadcom.com/web/ecx/support-content-notification/-/external/co…

security@vmware.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-28713

VMWARE

7.1

CVE-2026-22717

VMWARE

2.7

CVE-2026-22716

VMWARE

5.0

CVE-2026-22721

VMWARE

6.2

CVE-2026-22720

VMWARE

8.0

Menu

CVE-2026-22715

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-28713

CVE-2026-22717

CVE-2026-22716

CVE-2026-22721

CVE-2026-22720

CVE Details

Editor's Choice