vulnerability

VMware Fusion: Vulnerability (VMSA-2020-0020) (CVE-2020-3980)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:H/Au:N/C:P/I:P/A:P)	Sep 16, 2020	Oct 22, 2020	Feb 1, 2021

Severity

CVSS

(AV:L/AC:H/Au:N/C:P/I:P/A:P)

Published

Sep 16, 2020

Added

Oct 22, 2020

Modified

Feb 1, 2021

Description

VMware Fusion (11.x) contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. An attacker with normal user privileges may exploit this issue to trick an admin user into executing malicious code on the system where Fusion is installed.

Solution

vmware-fusion-upgrade-11_5_7

References

CVE-2020-3980
https://attackerkb.com/topics/CVE-2020-3980
URL-http://www.vmware.com/security/advisories/VMSA-2020-0020.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today