VMware has recently issued security updates for zero-day vulnerabilities that can be chained to achieve code execution on systems running unpatched versions of the company's Workstation and Fusion software hypervisors. These vulnerabilities were demonstrated by security researchers from the STAR Labs team during the Pwn2Own Vancouver 2023 hacking contest just a month ago.
Addressing the flaws and temporary workarounds
The first vulnerability (CVE-2023-20869) is a stack-based buffer-overflow issue in Bluetooth device-sharing functionality. This allows local attackers to execute code as the virtual machine’s VMX process operating on the host. The second bug (CVE-2023-20870) is an information disclosure weakness related to sharing host Bluetooth devices with the VM. This enables malicious actors to read privileged information in the hypervisor memory from a VM.
VMware also offers a temporary workaround for administrators who cannot immediately deploy patches for these two flaws on their systems. By turning off Bluetooth support on the virtual machine and unchecking the “Share Bluetooth devices with the virtual machine” option on impacted devices, the attack vector can be removed.
Additional security flaws addressed
VMware has addressed two more security flaws affecting the Workstation and Fusion hosted hypervisors. CVE-2023-20871 is a high-severity VMware Fusion Raw Disk local privilege escalation vulnerability that can be exploited by attackers with read/write access to the host operating system. This would allow them to escalate privileges and gain root access to the host OS.
A fourth bug (tracked as CVE-2023-20872), an out-of-bounds read/write vulnerability in the SCSI CD/DVD device emulation, impacts both Workstation and Fusion products. This can be exploited by local attackers with access to VMs with a physical CD/DVD drive attached and configured to use a virtual SCSI controller, allowing them to gain code execution on the hypervisor from the VM.
For CVE-2023-20872, a temporary workaround requires administrators to remove the CD/DVD device from the virtual machine or configure it not to use a virtual SCSI controller, effectively blocking exploitation attempts.
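As an added illustration of the two workarounds described above (this is example code, not VMware's tooling or anything from the original article), the following Python script reads a VMware .vmx configuration, flags Bluetooth device sharing and any physical CD/DVD device attached through a virtual SCSI controller, and writes a hardened copy with both settings changed. The key names usb.vbluetooth.startConnected and scsiN:M.deviceType, the values cdrom-raw and atapi-cdrom, and the sample file are assumptions constructed for this example; confirm the key names against VMware's knowledge base before relying on them.

```python
import re

# Constructed sample .vmx (not from the article). Key names are assumptions about
# VMware's configuration format; verify them against the vendor KB.
SAMPLE_VMX = """\
displayName = "lab-vm"
usb.present = "TRUE"
usb.vbluetooth.startConnected = "TRUE"
scsi0.present = "TRUE"
scsi0:1.present = "TRUE"
scsi0:1.deviceType = "cdrom-raw"
sata0:1.present = "TRUE"
sata0:1.deviceType = "cdrom-image"
"""

VMX_LINE = re.compile(r'^\s*([A-Za-z0-9_.:]+)\s*=\s*"(.*)"\s*$')
PHYSICAL_CDROM = {"cdrom-raw", "atapi-cdrom"}  # pass-through of a physical drive (assumed values)

def parse_vmx(text):
    """Parse key = "value" lines into a dict; keys are lower-cased (VMX keys are case-insensitive)."""
    cfg = {}
    for line in text.splitlines():
        m = VMX_LINE.match(line)
        if m:
            cfg[m.group(1).lower()] = m.group(2)
    return cfg

def risky_scsi_cdroms(cfg):
    """Devices matching the CVE-2023-20872 precondition: physical CD/DVD on a virtual SCSI controller."""
    found = []
    for key, value in cfg.items():
        dev, _, attr = key.partition(".")
        if (dev.startswith("scsi") and attr == "devicetype" and value in PHYSICAL_CDROM
                and cfg.get(f"{dev}.present", "TRUE").upper() != "FALSE"):
            found.append(dev)
    return sorted(found)

def audit_vmx(cfg):
    """Report which of the two advisory workarounds is still missing from the config."""
    findings = []
    if cfg.get("usb.vbluetooth.startconnected", "FALSE").upper() == "TRUE":
        findings.append("CVE-2023-20869/20870: Bluetooth device sharing is enabled")
    for dev in risky_scsi_cdroms(cfg):
        findings.append(f"CVE-2023-20872: physical CD/DVD {dev} attached via virtual SCSI controller")
    return findings

def harden_vmx(text):
    """Return the config with both workarounds applied; every other line is left untouched."""
    detach = set(risky_scsi_cdroms(parse_vmx(text)))
    out = []
    for line in text.splitlines():
        m = VMX_LINE.match(line)
        if m:
            key = m.group(1)
            dev, _, attr = key.lower().partition(".")
            if key.lower() == "usb.vbluetooth.startconnected":
                line = f'{key} = "FALSE"'  # turn off Bluetooth sharing
            elif attr == "present" and dev in detach:
                line = f'{key} = "FALSE"'  # detach the physical CD/DVD device
        out.append(line)
    return "\n".join(out) + "\n"
```

Running audit_vmx(parse_vmx(SAMPLE_VMX)) reports both issues; the SATA-attached ISO image is correctly ignored, and the output of harden_vmx audits clean.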
Recently, VMware also patched a critical vRealize Log Insight vulnerability that could allow unauthenticated attackers to gain remote execution on vulnerable appliances.