CVE-2020-3950

HIGH KEV

VMware Fusion <11.5.2 - Privilege Escalation

Title source: llm

Description

VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby local macos
https://www.exploit-db.com/exploits/48337
exploitdb WORKING POC VERIFIED
by Rich Mirch · bash local macos
https://www.exploit-db.com/exploits/48235
vulncheck_xdb WORKING POC
local
https://github.com/mirchr/security-research
metasploit WORKING POC EXCELLENT
by h00die, Dhanesh Kizhakkinan, Rich Mirch, jeffball, grimm · ruby poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/vmware_fusion_lpe.rb

Scores

CVSS v3 7.8
EPSS 0.2137
EPSS Percentile 95.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2020-25215
CWE
CWE-269
Status published
Products (3)
vmware/fusion 11.0.0 - 11.5.2
vmware/horizon_client 5.0.0 - 5.4.0
vmware/remote_console 11.0.0 - 11.0.1
Published Mar 17, 2020
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026