PT-2023-6348 · Vmware · Vmware Workstation+1
Gwangun Jung
+1
·
Published
2023-10-20
·
Updated
2026-04-08
·
CVE-2023-34044
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions prior to 17.5 and VMware Fusion versions prior to 13.5
Description
A flaw exists in the functionality for sharing host Bluetooth devices with virtual machines in VMware Workstation and VMware Fusion. This issue involves an out-of-bounds read that could allow a malicious actor with local administrative privileges on a virtual machine to read privileged information from hypervisor memory.
Recommendations
VMware Workstation versions prior to 17.5 should be updated to version 17.5 or later.
VMware Fusion versions prior to 13.5 should be updated to version 13.5 or later.
Fix
RCE
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Fusion
Vmware Workstation