VMware Releases Critical Patches for Workstation and Fusion Software

Multiple security holes affecting VMware’s Workstation and Fusion software have been fixed via upgrades, the most serious of which might grant code execution to a local attacker. The vulnerability, identified as CVE-2023-20869, is a stack-based buffer-overflow flaw that affects the ability of the virtual machine to share host Bluetooth devices.

The business stated that a malicious actor with local administrative rights on a virtual machine may take advantage of this flaw to run programmes as the virtual machine’s VMX process running on the host. An out-of-bounds read vulnerability affecting the same functionality that might be exploited by a local adversary with admin capabilities to read private data from a virtual machine’s hypervisor memory has also been patched by VMware.

VMware Releases Critical Patches for Workstation and Fusion Software

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

VMware Releases Critical Patches for Workstation and Fusion Software

26-Apr-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address