VMware fixed a code execution flaw in Fusion hypervisor

Summary: VMware has addressed a high-severity code execution vulnerability (CVE-2024-38811) in its Fusion hypervisor, which could allow a threat actor with standard user privileges to execute arbitrary code. The issue affects VMware Fusion versions 13.x and has been resolved in version 13.6, with no workarounds available.

Threat Actor: Unknown
Victim: VMware

Key Points:

  • High-severity code execution vulnerability tracked as CVE-2024-38811 with a CVSS score of 8.8/10.
  • Exploitation allows execution of code in the context of the Fusion application by a malicious actor with standard user privileges.
  • The vulnerability affects VMware Fusion versions 13.x, and the issue has been fixed in version 13.6.
  • No workarounds are available, and it is unclear if the vulnerability has been exploited in the wild.

VMware addressed a high-severity code execution vulnerability, tracked as CVE-2024-38811 (CVSS 8.8/10), in its Fusion hypervisor.

The vulnerability is due to the use of an insecure environment variable; a threat actor with standard user privileges can trigger the flaw to execute code in the context of the Fusion application.

“VMware Fusion contains a code-execution vulnerability due to the usage of an insecure environment variable,” reads the advisory published by the virtualization giant. “A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application.”

The vulnerability affects VMware Fusion versions 13.x; the company addressed the issue in version 13.6.

According to the advisory, there are no workarounds available for the vulnerability. It is not clear if the company is aware of attacks in the wild that exploited the flaw.
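With no workaround available, the practical check is whether each Fusion install is still below 13.6. The script below is an added example, not taken from the advisory or the original article: it classifies version strings against the affected range stated above and, on a Mac, reads the installed version from the app bundle. The function names, the default install path and the sample inventory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: triage VMware Fusion versions against CVE-2024-38811.
# Per the article: 13.x is affected, 13.6 carries the fix.

# fusion_status VERSION -> prints affected | fixed | out-of-scope | unparseable
fusion_status() {
    ver=$1
    major=${ver%%.*}
    rest=${ver#*.}
    if [ "$rest" = "$ver" ]; then rest=0; fi    # no dot: treat "13" as 13.0
    minor=${rest%%.*}
    for part in "$major" "$minor"; do
        case $part in
            ''|*[!0-9]*) echo "unparseable"; return 0 ;;
        esac
    done
    if [ "$major" -ne 13 ]; then
        echo "out-of-scope"     # the article only speaks to the 13.x line
    elif [ "$minor" -lt 6 ]; then
        echo "affected"         # numeric compare, so 13.10 is not read as < 13.6
    else
        echo "fixed"
    fi
}

# Version of a local install (macOS). The default path is an assumption:
# the standard /Applications location; pass another Info.plist path if needed.
local_fusion_version() {
    plist="${1:-/Applications/VMware Fusion.app/Contents/Info.plist}"
    [ -f "$plist" ] || return 1
    /usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$plist" 2>/dev/null
}

# Reads "host version" lines on stdin, prints "host version status".
triage_inventory() {
    while read -r host ver; do
        [ -n "$host" ] || continue
        printf '%s %s %s\n' "$host" "$ver" "$(fusion_status "$ver")"
    done
}

# Constructed inventory for illustration; hostnames and versions are made up.
sample_inventory() {
    printf '%s\n' 'mac-dev-01 13.5.2' 'mac-dev-02 13.6' \
                  'mac-qa-07 13.0.1' 'mac-lab-03 12.2.5'
}

sample_inventory | triage_inventory
if v=$(local_fusion_version); then
    echo "local install: $v -> $(fusion_status "$v")"
fi
```

Hosts reported as `out-of-scope` are outside the 13.x range the article covers and need a separate check against the vendor advisory.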

Pierluigi Paganini



Source: https://securityaffairs.com/168009/security/vmware-fusion-cve-2024-38811.html