The host is installed with the VMware Workstation 12.x before 12.5.8 or VMware Player 12.x before 12.5.8 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle VNC packets processing. Successful exploitation could result in remote code execution in a virtual machine via the authenticated VNC session.