Fusion Security Vulnerabilities - 2023
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
8.2CVSS
8.4AI Score
0.002EPSS
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
6CVSS
7AI Score
0.001EPSS
VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system.
7.8CVSS
8AI Score
0.0004EPSS
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
8.8CVSS
8.5AI Score
0.0004EPSS
VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-boundsread vulnerability that exists in the functionality for sharing hostBluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtualmachine may be able to re...
7.1CVSS
5.7AI Score
0.0004EPSS
VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs duringinstallation for the first time (the user needs to drag or copy theapplication to a folder from the '.dmg' volume) or when installing anupgrade. A malicious actor with local non-administrative us...
7.8CVSS
7.8AI Score
0.0004EPSS
VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use)vulnerability that occurs during installation for the first time (theuser needs to drag or copy the application to a folder from the '.dmg'volume) or when installing an upgrade. A malicious actor with local non-administr...
7CVSS
7.1AI Score
0.0004EPSS