The host is installed with the VMware Workstation 14.x before 14.1.7, 15.x before 15.0.4 or VMware Player 14.x before 14.1.7, 15.x before 15.0.4 and is prone to an out-of-bounds read/write vulnerability. The application fails to properly handle the virtual USB controller. Successful exploitation of this issue may allow a guest to execute code on the host.