Lucene search
VmwareCVE-2023-20871HistoryApr 25, 2023 - 9:15 p.m.
CVE-2023-20871
2023-04-2521:15:10
vmware
web.nvd.nist.gov
113
cve-2023-20871
vmware fusion
privilege escalation
vulnerability
nvd
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
High
EPSS
0
Percentile
5.1%
VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system.
Affected configurations
Node
applemac_os_xMatch-
vmwarefusionRange13.0.0–13.0.2
CNA Affected
[
{
"vendor": "n/a",
"product": "VMware Fusion",
"versions": [
{
"version": "VMware Fusion (13.x)",
"status": "affected"
}
]
}
]Related
githubexploit
githubexploit
Exploit for Vulnerability in Vmware Fusion
2023-07-03 13:31:46
Exploit for Vulnerability in Vmware Fusion
2023-07-03 14:01:22
cvelist
cvelist
CVE-2023-20871
2023-04-25 00:00:00
prion
prion
Privilege escalation
2023-04-25 21:15:00
nvd
nvd
CVE-2023-20871
2023-04-25 21:15:10
thn
thn
VMware Releases Critical Patches for Workstation and Fusion Software
2023-04-26 07:05:00
nessus
nessus
VMware Fusion 13.0.x < 13.0.2 Multiple Vulnerabilities (VMSA-2023-0008)
2023-04-25 00:00:00
VMware Workstation 17.0.x < 17.0.2 Multiple Vulnerabilities (VMSA-2023-0008)
2023-04-25 00:00:00
malwarebytes
malwarebytes
Update now: Critical flaw in VMWare Fusion and VMWare Workstation
2023-04-28 00:45:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2023-20871