VMware fixes critical zero-day exploit chain used at Pwn2Own

@ndma 28 Apr 2023

Threat Actor



VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution systems running unpatched versions of the company's Workstation and Fusion software hypervisors.

  • CVE-2023-20869 is a stack-based buffer-overflow vulnerability in Bluetooth device-sharing functionality which allows local attackers to execute code as the virtual machine's VMX process running on the host.

  • CVE-2023-20870 is an information disclosure weakness in the functionality for sharing host Bluetooth devices with the VM, which enables malicious actors to read privileged information contained in hypervisor memory from a VM.

  • CVE-2023-20871 is a high-severity VMware Fusion Raw Disk local privilege escalation vulnerability that can be abused by attackers with read/write access to the host operating system to escalate privileges and gain root access to the host OS.

  • CVE-2023-20872 described as "an out-of-bounds read/write vulnerability" in the SCSI CD/DVD device emulation impacts both Workstation and Fusion products.



Last updated