Java Tech Enthusiast
Mar 14, 2024 · Information Security
VM Escape via Chrome and VMware: Six‑CVE Attack Chain
A Korean security firm demonstrated a real‑world VM‑escape chain in which a user clicking a malicious Chrome link inside a VMware guest triggers six linked CVEs—two Chrome sandbox bypasses, two Windows kernel driver flaws, a VM‑information leak, and a Bluetooth buffer overflow—ultimately granting the attacker host‑level code execution and full system compromise.
CVEChromeVM Escape
0 likes · 5 min read