VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use)
vulnerability that occurs during installation for the first time (the
user needs to drag or copy the application to a folder from the '.dmg'
volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may
exploit this vulnerability to escalate privileges to root on the system
where Fusion is installed or being installed for the first time.
Metrics
Affected Vendors & Products
References
History
Fri, 07 Mar 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: vmware
Published:
Updated: 2025-03-07T18:27:07.211Z
Reserved: 2023-05-25T17:21:56.202Z
Link: CVE-2023-34046

Updated: 2024-08-02T16:01:52.426Z

Status : Modified
Published: 2023-10-20T09:15:12.717
Modified: 2025-03-07T19:15:35.433
Link: CVE-2023-34046

No data.