Attackers

VMware patches critical flaws that could allow attackers to escape VMs

by
VMware patches critical flaws that could allow attackers to escape VMs

VMware has released fixes for several flaws that together could allow attackers to execute malicious code on the host system from inside a virtual machine, bypassing the critical isolation layer. Some of the flaws are in the virtualized USB controllers, so they impact most VMware hypervisors: VMware ESXi, VMware Workstation, VMware Fusion, and VMware Cloud … Read more

VMware Tools Flaw Let Attackers Escalate Privileges

by
VMware Tools Flaw Let Attackers Escalate Privileges

Two high vulnerabilities have been discovered in VMware Tools, which were assigned with CVE-2023-34057 and CVE-2023-34058. These vulnerabilities were associated with Local Privilege Escalation and SAML Token Signature Bypass. The severities of these vulnerabilities are 7.5 (High) and 7.8 (High), respectively. One of these vulnerabilities existed in macOS. However,  VMware has released patches and security … Read more