VMware Tools vulnerability enables privilege escalation

Two critical vulnerabilities have been identified in VMware Tools and labeled CVE-2023-34057 and CVE-2023-34058. These vulnerabilities are related to local privilege escalation and SAML token signature bypass.

These vulnerabilities have a high severity rating of 7.5 (High) and 7.8 (High) respectively. One of these vulnerabilities was identified in macOS systems. VMware has taken immediate action to address these issues by releasing patches and issuing security alerts.

CVE-2023-34057: Local Privilege Elevation Vulnerability This vulnerability allows a malicious actor with local user privileges within a guest virtualization machine to exploit and gain elevated privileges within that virtual machine. The severity of this vulnerability is rated 7.8 (High).

CVE-2023-34058: SAML token signature bypass To exploit this vulnerability, a threat actor must have “guest operation privileges”. These privileges determine the ability to interact with files and applications in the guest operating system of a virtual machine. With these privileges, a malicious actor can exploit this vulnerability in a targeted virtual machine and elevate their privileges if the target virtualization machine has a higher privileged guest alias. The severity rating for this vulnerability is 7.5 (High).

ProductVersionRunning OnCVE IdentifierCVSSv3SeverityFixed VersionWorkaroundsAdditional Documentation
VMware Tools12.x.x, 11.x.x, 10.3.xmacOSCVE-2023-340577.8Important12.1.1NoneNone
VMware Tools12.x.x, 11.x.x, 10.3.xWindowsCVE-2023-34057N/AN/AUnaffectedN/AN/A
VMware Tools12.x.x, 11.x.x, 10.3.xmacOSCVE-2023-34058N/AN/AUnaffectedN/AN/A
VMware Tools12.x.x, 11.x.x, 10.3.xWindowsCVE-2023-340587.5Important12.3.5NoneNone

Users of these products are strongly advised to update to the latest version to minimize the risk of exploiting these vulnerabilities.

Scroll to Top