PT-2023-6348 · Vmware · Vmware Fusion+1
Gwangun Jung
+1
·
Published
2023-10-20
·
Updated
2026-02-27
·
CVE-2023-34044
CVSS v3.1
7.1
High
| AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions prior to 17.5
VMware Fusion versions prior to 13.5
Description
VMware Workstation and VMware Fusion have an out-of-bounds read issue in the functionality for sharing host Bluetooth devices with a virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory.
Recommendations
VMware Workstation versions prior to 17.5 should be updated to version 17.5 or later.
VMware Fusion versions prior to 13.5 should be updated to version 13.5 or later.
Fix
RCE
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Fusion
Vmware Workstation