CVE-2020-3948 — Incorrect Permission Assignment in Vmware Fusion

CWE-732 — Incorrect Permission Assignment CWE-269 — Improper Privilege Management4 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 92.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Fusion Vmware Workstation

Timeline

PublishedMar 16

Latest updateMay 24

Description

Linux Guest VMs running on VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. Local attackers with non-administrative access to a Linux guest VM with virtual printing enabled may exploit this issue to elevate their privileges to root on the same guest VM.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDvmware/fusion11.0.0 — 11.5.2

▶NVDvmware/workstation15.0.0 — 15.5.2

▶CVEListV5vmware/fusion11.x before 11.5.2

▶CVEListV5vmware/workstation15.x before 15.5.2

🔴Vulnerability Details

GHSA

GHSA-8vx8-8442-ph7f: Linux Guest VMs running on VMware Workstation (15↗2022-05-24

▶

CVEList

CVE-2020-3948: Linux Guest VMs running on VMware Workstation (15↗2020-03-16

▶

📋Vendor Advisories

VMware

VMware Horizon Client, VMRC, VMware Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2019-5543, CVE-2020-3947, CVE-2020-3948)↗2020-03-12

▶