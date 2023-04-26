VMware published a security advisory and announced that multiple vulnerabilities are now fixed in the latest update.

VMware also urged users to apply the patches as soon as possible and shared workarounds for admins who can install updates immediately.

Two of the flaws that were fixed are part of an exploit chain that STAR Labs demonstrated at Pwn2Own Vancouver 2023.

VMware announced that the company has fixed multiple vulnerabilities affecting VMware Workstation and VMware Fusion products. The vulnerabilities were reported privately to the company, and updates and workarounds for these issues are now available. Some of the vulnerabilities are part of an exploit chain which is demonstrated on the Pwn2Own event by STAR Labs. The companies have 90 days to patch the zero-day vulnerabilities that are disclosed at the event before they are released by Trend Micro’s Zero Day Initiative.

Part of an exploit chain

In the security advisory, VMware published details of the four vulnerabilities, one of which has a CVSSv3 score of 9.3.

Stack-based buffer-overflow vulnerability in bluetooth device-sharing functionality (CVE-2023-20869): VMware Workstation and Fusion contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3.

The vulnerability is fixed in:

Workstation 17.0.2

Fusion 13.0.2

Information disclosure vulnerability in bluetooth device-sharing functionality (CVE-2023-20870): VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1.

The vulnerability is fixed in:

Workstation 17.0.2

Fusion 13.0.2

VMware Fusion Raw Disk local privilege escalation vulnerability (CVE-2023-20871): VMware Fusion contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.3.

The vulnerability is fixed in:

Fusion 13.0.2

Out-of-bounds read/write vulnerability (CVE-2023-20872): VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.7.

The vulnerability is fixed in:

Workstation 17.0.1

Fusion 13.0.1