Security News > 2020 > March > Patch for Recently Disclosed VMware Fusion Vulnerability Incomplete
The patch released recently by VMware for a privilege escalation vulnerability affecting Fusion for Mac have been found to be incomplete.
VMware informed customers on March 17 that Fusion, Remote Console and Horizon Client for Mac are affected by a high-severity privilege escalation vulnerability caused by the improper use of setuid binaries.
The researchers credited for reporting the vulnerability to VMware - Jeffball from cybersecurity firm GRIMM and Rich Mirch - both told SecurityWeek that the patch for Fusion is incomplete.
"VMware USB Arbitrator Service and Open VMware Fusion Services are both setuid root binaries located at /Applications/VMware Fusion.app/Contents/Library/services," Mirch explained in his PoC exploit.
Jeffball, who has also published technical information about the flaw, told SecurityWeek that the "Open VMware Fusion Services binary is fixed, but the Open VMware USB Arbitrator Service binary is not. When running the exploit for fusion services, it gets a bad code signature error, but the same thing works fine on the USB arbitrator service."
News URL
Related news
- CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September (source)
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability (source)
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)