CVE-2023-20872
First published: Tue Apr 25 2023(Updated: )
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Fusion | =13.0.0 | |
| Apple Mac OS X | ||
| VMware Workstation | =17.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2023-20872.
What is the severity level of CVE-2023-20872?
The severity level of CVE-2023-20872 is high with a severity value of 8.8.
Which software is affected by CVE-2023-20872?
VMware Fusion 13.0.0 and VMware Workstation 17.0.0 are affected by CVE-2023-20872.
What is the description of CVE-2023-20872?
CVE-2023-20872 is an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation in VMware Workstation and Fusion.
How can I fix CVE-2023-20872?
To fix CVE-2023-20872, update VMware Workstation to version 17.0.1 or later, and update VMware Fusion to version 13.0.1 or later.
- collector/nvd-index
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/vmware
- canonical/vmware fusion
- version/vmware fusion/13.0.0
- vendor/apple
- canonical/apple mac os x
- canonical/vmware workstation
- version/vmware workstation/17.0.0