CVE-2023-34045

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 20, 2023

Updated: Oct 28, 2023

Summary

CVE-2023-34045 is a local privilege escalation vulnerability affecting VMware Fusion versions prior to 13.5. During the initial installation or an upgrade, a malicious user with non-administrative privileges can exploit this vulnerability by manipulating the application installation process. Successful exploitation grants the attacker root-level access to the system where Fusion is being installed.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

VMware Fusion

Affected Vendors

VMware Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tE4Hl0
https://www.cve.org/CVERecord?id=CVE-2023-34045
https://nvd.nist.gov/vuln/detail/CVE-2023-34045

Back to Vulnerability Database