open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Open_vm_tools | Vmware | 11.0.0 (including) | 12.3.0 (including) |