A high-severity privilege escalation vulnerability has been discovered in VMware Fusion, Broadcom’s popular macOS virtualization software, allowing local attackers to gain root-level access on affected systems.
Tracked as CVE-2026-41702, the flaw was privately reported to Broadcom and patched on May 14, 2026, under security advisory VMSA-2026-0003.
The vulnerability stems from a TOCTOU (Time-of-Check Time-of-Use) race condition that occurs during an operation performed by a SETUID binary within VMware Fusion.
VMware Fusion TOCTOU Vulnerability
TOCTOU flaws exploit the gap between when a program checks a resource’s state and when it actually uses it, and an attacker can manipulate that window to inject malicious changes and hijack elevated operations.
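To make the check-then-use gap concrete, here is an added illustration in C (not code from VMware Fusion, Broadcom, or the advisory, which does not disclose the affected operation): the pathname-based check-then-open pattern a SETUID binary must avoid, beside the hardened form that validates the already-opened descriptor. The function names, the owner check, and the /tmp self-test are constructed for this example.

```c
#define _XOPEN_SOURCE 700      /* mkstemp, symlink, O_NOFOLLOW, O_CLOEXEC */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Vulnerable pattern: check and use both go by pathname, so the object access()
 * approved need not be the object open() reaches a moment later. In a SETUID
 * binary that open runs privileged; the gap between the calls is the window. */
int open_after_access_check(const char *path)
{
    if (access(path, R_OK) != 0) return -1;   /* check, by name */
    return open(path, O_RDONLY);              /* use, by name again */
}

/* Hardened pattern: open first without following symlinks, then validate the
 * descriptor with fstat. A descriptor is bound to one inode, so what was checked
 * is exactly what is used. Accepts only a regular file owned by the real user. */
int open_regular_file_nofollow(const char *path)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;                    /* ELOOP if path is a symlink */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != getuid()) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Self-test on constructed input (temp file + symlink to it under /tmp): 0 when the
 * hardened opener accepts the file and rejects the link while the naive one follows it. */
int demo_nofollow_rejects_symlink(void)
{
    char file[] = "/tmp/toctou_demo_XXXXXX", link[64];
    int fd = mkstemp(file);
    if (fd < 0) return 1;
    close(fd);
    snprintf(link, sizeof link, "%s.lnk", file);
    int rc = (symlink(file, link) != 0) ? 2 : 0;
    int good = open_regular_file_nofollow(file);
    int bad = open_regular_file_nofollow(link);
    int naive = open_after_access_check(link);
    if (rc == 0) rc = good < 0 ? 3 : bad >= 0 ? 4 : naive < 0 ? 5 : 0;
    if (good >= 0) close(good); if (bad >= 0) close(bad);
    if (naive >= 0) close(naive); unlink(link); unlink(file);
    return rc;
}
```

The same rule applies to any privileged resource: perform the authorization check on the handle you will actually use, not on a name that another process can redirect in between.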
Any user running VMware Fusion version 25H2 on macOS is affected. The attack requires only local, non-administrative user privileges: no admin rights and no remote access are needed.
A malicious actor already…