Privilege Escalation Vulnerability in VMware Fusion by VMware
CVE-2020-3980

6.7MEDIUM

Key Information:

Vendor: Vmware
Status: Vmware Fusion
Vendor: CVE Published:; 16 September 2020

What is CVE-2020-3980?

VMware Fusion (version 11.x) harbors a vulnerability that could allow a normal user to escalate their privileges. This occurs through improper handling of system-wide path configurations, enabling a potential attacker to deceive an administrator into executing malicious code. Ensuring proper security measures and updates is critical to mitigate the risks associated with this vulnerability.

Affected Version(s)

VMware Fusion VMware Fusion (11.x)

References

https://www.vmware.com/security/advisories/VMSA-2020-0020...

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2020
Vulnerability Reserved
Dec 30, 2019

Vmware

What is CVE-2020-3980?

Affected Version(s)

References

CVSS V3.1

Timeline