CVE-2023-20867

LOW KEV RANSOMWARE

Vmware Tools < 12.2.5 - Authentication Bypass

Title source: rule

Description

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

References (10)

[Mailing List, Patch] http://www.openwall.com/lists/oss-security/2023/10/16/11

[Mailing List, Patch] http://www.openwall.com/lists/oss-security/2023/10/16/2

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2023/08/msg00020.html

[Mailing List, Release Notes] https://lists.fedoraproject.org/archives/list/[email protected]/message/NVKQ6Y2JFJRWPFOZUOTFO3H27BK5GGOG/

[Mailing List, Release Notes] https://lists.fedoraproject.org/archives/list/[email protected]/message/TJNJMD67QIT6LXLKWSHFM47DCLRSMT6W/

[Mailing List, Release Notes] https://lists.fedoraproject.org/archives/list/[email protected]/message/ZJM6HDRQYS74JA7YNKQBFH2XSZ52HEWH/

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20230725-0001/

[Mailing List, Third Party Advisory] https://www.debian.org/security/2023/dsa-5493

[Patch, Vendor Advisory] https://www.vmware.com/security/advisories/VMSA-2023-0013.html

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-20867

Scores

CVSS v3 3.9

EPSS 0.0295

EPSS Percentile 86.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Details

CISA KEV 2023-06-23

VulnCheck KEV 2023-06-13

InTheWild.io 2023-06-23

ENISA EUVD EUVD-2023-25040

Ransomware Use Confirmed

CWE

CWE-287

Status published

Products (7)

debian/debian_linux 10.0

debian/debian_linux 11.0

debian/debian_linux 12.0

fedoraproject/fedora 37

fedoraproject/fedora 38

fedoraproject/fedora 39

vmware/tools 10.3.0 - 12.2.5

Published Jun 13, 2023

KEV Added Jun 23, 2023

Tracked Since Feb 18, 2026