This paper covers several previously published information leak and stack-based buffer overflow vulnerabilities in VMware Workstation that allow an attacker to escape from a guest VM and execute malicious code (e.g. a reverse shell) on the host operating system.
The paper aims to provide a more detailed explanation of these vulnerabilities, focusing on developing a working PoC with the help of Ghidra and WinDbg. NCC Group has an Exploit Development Group (EDG) and security research departments that focus on investigating such vulnerabilities and developing working exploits for our security consultants and red teamers to utilise during their engagements.