5 matches found
Update now: Critical flaw in VMWare Fusion and VMWare Workstation
Four vulnerabilities in virtualisation software have been fixed by VMware, including two which were exploited at the 20223 Pwn2Own contest. Three have been given the severity rating "Important", with the last CVE-2023-20869 is classed as "Critical". Success! @starlabssg used an uninitialized...
VMware Releases Critical Patches for Workstation and Fusion Software
VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 CVSS score: 9.3, is described as a stack-based...
KLA49049 Multiple vulnerabilities in VMware Workstation
Multiple vulnerabilities were found in VMware Workstation. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability in bluetooth device-sharing functionality can ...
CVE-2023-20869
CVE-2023-20869 is a stack-based buffer overflow in VMware Workstation 17.x and VMware Fusion 13.x related to sharing host Bluetooth devices with the VM. Public reports and Vulners-derived references confirm this vulnerability, which can allow a local attacker with VM-level privileges to execute c...
VMware Workstation 17.0.x < 17.0.2 Multiple Vulnerabilities (VMSA-2023-0008)
The version of VMware Workstation installed on the remote host is 17.0.x prior to 17.0.2. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...