Update now: Critical flaw in VMWare Fusion and VMWare Workstation

Four vulnerabilities in virtualisation software have been fixed by VMware, including two which were exploited at the 20223 Pwn2Own contest. Three have been given the severity rating "Important", with the last CVE-2023-20869 is classed as "Critical". Success! @starlabssg used an uninitialized...

VMware Releases Critical Patches for Workstation and Fusion Software

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 CVSS score: 9.3, is described as a stack-based...

CVE-2023-20871

creationtimestamp| type| source ---|---|--- 2023-04-26 00:25:11+00:00| seen| https://t.me/cibsecurity/62850 2023-04-26 15:00:06+00:00| seen| https://t.me/truesecator/4324 2023-07-03 13:37:17+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4674 2023-07-04 16:08:31+00:00|...

CVE-2023-20871

Summary (CVE-2023-20871) VMware Fusion contains a local privilege escalation flaw. A user with read/write access to the host OS can elevate privileges to gain root on the host. The vulnerability is characterized as an “Important” issue affecting Fusion (and related VMware blurbs note it as part o...

CVE-2023-20871

VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system...

VMware Workstation 17.0.x < 17.0.2 Multiple Vulnerabilities (VMSA-2023-0008)

The version of VMware Workstation installed on the remote host is 17.0.x prior to 17.0.2. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...