Hashicorp: >> Vagrant Vmware Fusion >> 5.0.0 Security Vulnerabilities
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-29
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
CVSS Score
7.0
EPSS Score
0.001
Published
2017-10-31