CVE-2020-3957

Published: May 29, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed.

Vendor	Product	Versions
VMware	VMware Fusion	affected `11.x before 11.5.5`
VMware	VMware Remote Console for Mac	affected `V11.x and prior`
VMware	VMware Horizon Client for Mac	affected `5.x and prior`

References

https://www.vmware.com/security/advisories/VMSA-2020-0011.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-3957

Description

Affected Products

References