VMware API Allows Limited vSphere Users to Access Guest OS
LAS VEGAS – BLACK HAT USA – Researchers discovered that a VMware API can be abused by vSphere users with limited privileges to access the guest operating system without authentication. VMware has provided workarounds for preventing potential attacks exploiting the vulnerability.
Read more: VMware API Allows Limited vSphere Users to Access Guest OS
Story added 28. July 2017, content source with full text you can find at link above.