CVE-2020-3972

CWE-20Improper Input Validation4 documents4 sources
Severity
3.3LOW
EPSS
0.0%
top 87.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vmware Tools
Timeline
PublishedJun 19
Latest updateMay 24

Description

VMware Tools for macOS (11.x.x and prior before 11.1.1) contains a denial-of-service vulnerability in the Host-Guest File System (HGFS) implementation. Successful exploitation of this issue may allow attackers with non-admin privileges on guest macOS virtual machines to create a denial-of-service condition on their own VMs.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5vmware_tools_for_macosVMware Tools for macOS (11.x.x and prior before 11.1.1)
NVDvmware/tools11.0.011.1.1

🔴Vulnerability Details

2
GHSA
GHSA-5w32-6vq2-mmh8: VMware Tools for macOS (112022-05-24
CVEList
CVE-2020-3972: VMware Tools for macOS (112020-06-19

📋Vendor Advisories

1
VMware
VMware Tools for macOS update addresses a denial-of-service vulnerability (CVE-2020-3972)2020-06-18
CVE-2020-3972 (LOW CVSS 3.3) | VMware Tools for macOS (11.x.x and | cvebase.io