PT-2018-6345 · Vmware+1 · Vmware Fusion+1

Published

2018-03-29

·

Updated

2019-10-03

·

CVE-2017-16839

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Hashicorp vagrant-vmware-fusion version 5.0.4
Description: The issue allows local users to gain root privileges under certain conditions, specifically when VMware Fusion is not installed.
Recommendations: For Hashicorp vagrant-vmware-fusion version 5.0.4, ensure that VMware Fusion is installed to prevent the exploitation of this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2017-16839

Affected Products

Vmware Fusion
Vagrant-Vmware-Fusion