Security
Headlines
HeadlinesLatestCVEs

Headline

VMware Releases Critical Patches for Workstation and Fusion Software

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 (CVSS score: 9.3), is described as a stack-based buffer-overflow vulnerability that resides in the functionality for sharing host Bluetooth devices with the

The Hacker News
#vulnerability#web#mac#vmware#The Hacker News

Virtual Machine / Cybersecurity

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution.

The vulnerability, tracked as CVE-2023-20869 (CVSS score: 9.3), is described as a stack-based buffer-overflow vulnerability that resides in the functionality for sharing host Bluetooth devices with the virtual machine.

“A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host,” the company said.

Also patched by VMware is an out-of-bounds read vulnerability affecting the same feature (CVE-2023-20870, CVSS score: 7.1), that could be abused by a local adversary with admin privileges to read sensitive information contained in hypervisor memory from a virtual machine.

Both vulnerabilities were demonstrated by researchers from STAR Labs on the third day of the Pwn2Own hacking contest held in Vancouver last month, earning them an $80,000 reward.

VMware has also patched two additional shortcomings, which include a local privilege escalation flaw (CVE-2023-20871, CVSS score: 7.3) in Fusion and an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation (CVE-2023-20872, CVSS score: 7.7).

While the former could enable a bad actor with read/write access to the host operating system to obtain root access, the latter could result in arbitrary code execution.

“A malicious attacker with access to a virtual machine that has a physical CD/DVD drive attached and configured to use a virtual SCSI controller may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine,” VMware said.

The flaws have been addressed in Workstation version 17.0.2 and Fusion version 13.0.2. As a temporary workaround for CVE-2023-20869 and CVE-2023-20870, VMware is suggesting that users turn off Bluetooth support on the virtual machine.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

As for mitigating CVE-2023-20872, it’s advised to remove the CD/DVD device from the virtual machine or configure the virtual machine not to use a virtual SCSI controller.

The development comes less than a week after the virtualization services provider fixed a critical deserialization flaw impacting multiple versions of Aria Operations for Logs (CVE-2023-20864, CVSS score: 9.8).

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related news

CVE-2023-34046: VMSA-2023-0022

VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time.

Fake GitHub Repos Caught Dropping Malware as PoCs AGAIN!

By Habiba Rashid At the time of writing, all reported fake repositories have been taken down and the malicious PoC has been removed from GitHub. This is a post from HackRead.com Read the original post: Fake GitHub Repos Caught Dropping Malware as PoCs AGAIN!

Fake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to Malware

In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a "crafty" persistence method. "In this instance, the PoC is a wolf in sheep's clothing, harboring malicious intent under the guise of a harmless learning tool," Uptycs researchers Nischay Hegde and Siddartha Malladi said.

Update now: Critical flaw in VMWare Fusion and VMWare Workstation

Categories: News Tags: VMware Tags: workstation Tags: fusion Tags: virtual machine Tags: SCSI Tags: DVD Tags: CD Tags: virtualisation Tags: exploit Tags: vulnerability Tags: flaw Tags: CVE VMWare has released fixes and mitigations for three Important and one Critical vulnerability in its Fusion and Workstation software. (Read more...) The post Update now: Critical flaw in VMWare Fusion and VMWare Workstation appeared first on Malwarebytes Labs.

CVE-2023-20872: VMSA-2023-0008

VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.

CVE-2023-20872: VMSA-2023-0008

VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.

CVE-2023-20872: VMSA-2023-0008

VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.

CVE-2023-20872: VMSA-2023-0008

VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.

Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products

Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by malicious actors to execute arbitrary code on affected systems. The most severe of the vulnerabilities is a command injection flaw in Cisco Industrial Network Director (CVE-2023-20036, CVSS score: 9.9), which resides in the web UI component and arises as a result of

CVE-2023-20865: VMSA-2023-0007

VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.