Vulnerabilities > CVE-2023-20869 - Out-of-bounds Write vulnerability in VMWare Fusion and Workstation

CVSS 8.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

vmware

CWE-787

NVD

Published: 2023-04-25

Updated: 2023-05-04

Summary

VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.

Vulnerable Configurations

Part	Description	Count
Application	Vmware Vmware Fusion * Vmware Workstation *	2

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.vmware.com/security/advisories/VMSA-2023-0008.html