Local Privilege Escalation Vulnerability in VMware Tools
CVE-2023-34057

7.8HIGH

Key Information:

Vendor: Vmware
Status: VMware Tools
Vendor: CVE Published:; 27 October 2023

Summary

VMware Tools has a vulnerability that allows a malicious user with local access to a guest virtual machine to escalate their privileges. This could potentially enable unauthorized actions within the virtual machine environment, posing a security risk. It is crucial for users to implement necessary security measures to safeguard their virtual machines from this type of exploit.

Affected Version(s)

VMware Tools MacOS 12.x.x

VMware Tools MacOS 11.x.x

VMware Tools MacOS 10.3.x

References

https://www.vmware.com/security/advisories/VMSA-2023-0024...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2023
Vulnerability Reserved
May 25, 2023