VDB
CVE-2019-5526
CVE-2019-5526
PUBLISHED
CVSS 7.800000190734863 HIGH
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed.
EPSS 6.83% · 91.5th percentile
Risk Scores
CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
6.83%
91.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | VMware Workstation | VMware Workstation (15.x before 15.1.0) |
| vmware | workstation | 15.0.0 |
Exploit Intelligence
- CIRCL exploited: CVE-2019-5526 (circl-sighting)
- https://www.vmware.com/security/advisories/VMSA-2019-0007.html (circl)
- 108333 (circl)
- http://packetstormsecurity.com/files/152946/VMware-Workstation-DLL-Hijacking.html (circl)
- VMware Workstation 15.1.0 - DLL Hijacking Exploit (0day-today)
- VMware Workstation 15.1.0 - DLL Hijacking Exploit (0day-today)
Timeline
- May 15, 2019 CVE Published
- May 16, 2019 PoC Published
- May 16, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 19, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- May 1, 2025 EPSS Score
- May 4, 2025 EPSS Score
- Jun 1, 2025 EPSS Score