13053 matches found
CVE-2023-34057
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...
AZL-31718 CVE-2023-34058 affecting package open-vm-tools for versions less than 11.3.0-3
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
Privilege escalation
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...
Design/Logic Flaw
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...
Security feature bypass
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34059
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...
CVE-2023-34059
CVE-2023-34059 is a local, high-severity vulnerability in open-vm-tools’ vmware-user-suid-wrapper that can hijack the /dev/uinput file descriptor to simulate user inputs. It affects multiple Linux distributions (e.g., Debian, Red Hat/CentOS, AlmaLinux/AlmaLinux, Amazon Linux 2/2023), with advisor...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
CVE-2023-34058 affects open-vm-tools/VMware Tools. A SAML token signature bypass in VMware Tools can enable privilege elevation when a VM’s Guest Operation Privileges and a higher-privilege Guest Alias are involved. Multiple connected advisories confirm open-vm-tools as the affected component acr...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34057
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...
CVE-2023-34057
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...
CVE-2023-34057
CVE-2023-34057 affects VMware Tools. A local user within a guest VM could escalate privileges in the VM. The vulnerability is addressed by updates to VMware Tools (e.g., versions 12.1.1 and 12.3.5 per advisories) with remediation guidance in VMSA-2023-0024; exploitation details are not provided i...
VMware Tools Security Vulnerability
VMware Tools is an enhancement tool that comes with VMware's VMWare virtual machines. It is a driver provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with the host computer. A security vulnerability...
Vulnerabilities fixed in VMware Tools
VMware has fixed vulnerabilities in VMware Tools. A malicious person with access to a guest system in which VMWare Tools are installed can exploit the vulnerabilities to give themselves elevated privileges and thus potentially execute code with elevated privileges. VMware has released updates to...
VMware Tools Security Vulnerability
VMware Tools is an enhancement tool that comes with VMware's VMWare virtual machines, and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with the host computer. A security vulnerabilit...
VMware Tools Security Vulnerability
VMware Tools is an enhancement tool that comes with VMware's VMWare virtual machines, and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with the host computer. A security vulnerabilit...
CVE-2023-34057
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...