CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-34045

VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.3%

CVSS Severity

CVSS v3 Score 6.6

References

https://www.vmware.com/security/advisories/VMSA-2023-0022.html
https://www.vmware.com/security/advisories/VMSA-2023-0022.html

Products affected by CVE-2023-34045

Vmware » Fusion » Version: 13.0.0

cpe:2.3:a:vmware:fusion:13.0.0
Vmware » Fusion » Version: 13.0.1

cpe:2.3:a:vmware:fusion:13.0.1
Vmware » Fusion » Version: 13.0.2

cpe:2.3:a:vmware:fusion:13.0.2
Apple » Mac Os X » Version: N/A

cpe:2.3:o:apple:mac_os_x:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-34045

Products

Pricing

Contact Us