VMware Security Avisory VMSA-2020-0004 ( https://www.vmware.com/security/advisories/VMSA-2020-0004.html ) outlines a fix for a user-after-free bug in vmnetdhcp that allows guests to execute code in the host.  Affected platforms are: VMware Workstation Pro / Player, VMware Fusion Pro / Fusion, VMware Horizon Client for Windows, VMware Remote Console for Windows (VMRC for Windows)