{"containers": {"cna": {"affected": [{"product": "VMware Fusion", "vendor": "VMware", "versions": [{"status": "affected", "version": "11.x before 11.5.5"}]}, {"product": "VMware Remote Console for Mac", "vendor": "VMware", "versions": [{"status": "affected", "version": "V11.x and prior"}]}, {"product": "VMware Horizon Client for Mac", "vendor": "VMware", "versions": [{"status": "affected", "version": "5.x and prior"}]}], "descriptions": [{"lang": "en", "value": "VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed."}], "problemTypes": [{"descriptions": [{"description": "Local privilege escalation vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-05-29T19:37:58", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2020-3957", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware Fusion", "version": {"version_data": [{"version_value": "11.x before 11.5.5"}]}}, {"product_name": "VMware Remote Console for Mac", "version": {"version_data": [{"version_value": "V11.x and prior"}]}}, {"product_name": "VMware Horizon Client for Mac", "version": {"version_data": [{"version_value": "5.x and prior"}]}}]}, "vendor_name": "VMware"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Local privilege escalation vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html", "refsource": "CONFIRM", "url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:52:20.529Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"}]}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2020-3957", "datePublished": "2020-05-29T19:37:58", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2024-08-04T07:52:20.529Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CD44672-26F4-4B0F-933E-C929B32E3C9E", "versionEndExcluding": "11.5.5", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "EDE9D288-3370-41AB-BB69-B5A6A91FC582", "versionEndIncluding": "5.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:remote_console:*:*:*:*:*:*:*:*", "matchCriteriaId": "4385CDD4-5D94-4B3A-8D86-FCD568813509", "versionEndIncluding": "11.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed."}, {"lang": "es", "value": "VMware Fusion (versiones 11.x anteriores a 11.5.5), VMware Remote Console para Mac (versiones anteriores a 11.x ) y VMware Horizon Client para Mac (versiones anteriores a 5.x), contienen una vulnerabilidad de escalada de privilegios local debido a un problema de tipo Time-of-check Time-of-use (TOCTOU) en el abridor de servicio. Una explotaci\u00f3n con \u00e9xito de este problema puede permitir a atacantes con privilegios de usuario normal escalar sus privilegios a root en el sistema donde est\u00e1n instalados Fusion, VMRC y Horizon Client."}], "id": "CVE-2020-3957", "lastModified": "2024-11-21T05:32:02.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-29T20:15:11.547", "references": [{"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0011.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}