Home

CVE-2020-3950

Description

VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
19.652

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2020-3950 are affected in VMware Horizon Client 5.3.9Windows
Vulnerabilities CVE-2020-3950 are affected in VMware Horizon Client (x64) 5.3.9Windows
Vulnerabilities CVE-2020-3950 are affected in VMware Remote Console 11.0.0Windows
Vulnerabilities CVE-2020-3950,CVE-2020-3951 are affected in VMware Horizon Client (x64) 5.3.0Windows
Vulnerabilities CVE-2020-3950 are affected in VMware Horizon Client 5.3.0Windows
Vulnerabilities CVE-2020-3947,CVE-2020-3948,CVE-2020-3950,CVE-2020-3958 are affected in VMware Fusion for MAC 11.5.1Mac
Vulnerabilities CVE-2020-3950 are affected in VMware Horizon Client 8 for MAC 5.3.0Mac
Vulnerabilities CVE-2020-3947,CVE-2020-3948,CVE-2020-3950,CVE-2020-3958 are affected in VMware Fusion for MAC 11.5.1Mac
Vulnerabilities CVE-2020-3950 are affected in VMware Horizon Client 8 for MAC 5.3.0Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-334726VMware Remote Console (12.0.5) (Manual Upload Required)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-607263VMware Horizon Client 8 for MAC (8.12.1) (Deployment-Only)
PATCH-605160VMware Fusion for MAC 13.0.2 (Deployment-Only)
PATCH-607263VMware Horizon Client 8 for MAC (8.12.1) (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234