The host is installed with VMware Fusion 12.x before 12.2.1 and is prone to a double-fetch vulnerability. A flaw is present in the application, which fails to handle an issue in the UHCI USB controller. Successful exploitation allows attackers with local administrative privileges on a virtual machine to exploit this issue to execute code as the virtual machine's VMX process running on the host.