CVE-2020-3950: VMware Multiple Products Privilege Escalation Vulnerability
First published: Tue Mar 17 2020(Updated: )
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.
Credit: security@vmware.com security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Fusion | >=11.0.0<11.5.2 | |
| Vmware Horizon Client | >=5.0.0<5.4.0 | |
| VMware Remote Console | >=11.0.0<11.0.1 | |
| Apple macOS | ||
| VMware Multiple Products | ||
| All of | ||
| Any of | ||
| VMware Fusion | >=11.0.0<11.5.2 | |
| Vmware Horizon Client | >=5.0.0<5.4.0 | |
| VMware Remote Console | >=11.0.0<11.0.1 | |
| Apple macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/156843/VMware-Fusion-11.5.2-Privilege-Escalation.html
- http://packetstormsecurity.com/files/157079/VMware-Fusion-USB-Arbitrator-Setuid-Privilege-Escalation.html
- https://www.vmware.com/security/advisories/VMSA-2020-0005.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-3950
Frequently Asked Questions
What is CVE-2020-3950?
CVE-2020-3950 is a privilege escalation vulnerability affecting VMware Fusion, VMware Remote Console for Mac, and Horizon Client for Mac.
Which products are affected by CVE-2020-3950?
CVE-2020-3950 affects VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1), and Horizon Client for Mac (5.x and prior before 5.4.0).
What is the severity of CVE-2020-3950?
CVE-2020-3950 has a severity rating of 7.8 (High).
How can CVE-2020-3950 be exploited?
CVE-2020-3950 can be exploited by attackers with local system access to escalate their privileges due to improper use of setuid binaries.
Are Apple macOS systems vulnerable to CVE-2020-3950?
No, Apple macOS systems are not vulnerable to CVE-2020-3950.
- agent/type
- agent/softwarecombine
- agent/description
- agent/severity
- agent/title
- agent/weakness
- agent/author
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- agent/references
- agent/tags
- collector/nvd-cve
- source/NVD
- vendor/vmware
- canonical/vmware fusion
- version/vmware fusion/11.0.0
- canonical/vmware horizon client
- version/vmware horizon client/5.0.0
- canonical/vmware remote console
- version/vmware remote console/11.0.0
- vendor/apple
- canonical/apple macos
- canonical/vmware multiple products