VM Escape via Chrome and VMware: Six‑CVE Attack Chain

A Korean security firm demonstrated a real‑world VM‑escape chain in which a user clicking a malicious Chrome link inside a VMware guest triggers six linked CVEs—two Chrome sandbox bypasses, two Windows kernel driver flaws, a VM‑information leak, and a Bluetooth buffer overflow—ultimately granting the attacker host‑level code execution and full system compromise.

Java Tech Enthusiast

The article explains a real‑world VM‑escape attack demonstrated by a Korean security firm, where a user clicks a malicious link in Chrome running inside a VMware virtual machine and the host physical machine becomes compromised.

The attack chain consists of six CVEs:

CVE-2023-3079: Chrome V8 JavaScript engine remote code execution.
CVE-2023-21674: Privilege escalation out of Chromium sandbox.
CVE-2023-29360: Windows kernel driver vulnerability granting system‑level rights.
CVE-2023-34044: Information‑gathering vulnerability exposing VM internals.
CVE-2023-20869: Exploits shared Bluetooth device channel to trigger a host buffer overflow.
CVE-2023-36802: Another Windows kernel driver flaw that gives the attacker highest privileges on the host.

By sequentially exploiting these flaws, the attacker obtains high privileges inside the VM, extracts sensitive VM data, and finally executes code on the host, demonstrating how a simple click can lead to a full APT‑style compromise.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.
