On March 17, VMware officially released a security bulletin numbered VMSA-2020-0005, which fixed an elevation of privilege vulnerability (CVE-2020-3950) in VMware Fusion, VMRC for Mac, and Horizon Client for Mac. Due to the improper use of setuid binaries, an attacker could exploit this vulnerability to elevate the normal user rights to administrator rights in the target system. At present, the PoC is public, and it is recommended that relevant users upgrade the version for protection.
Affected version :
- VMware Fusion <11.5.2
- VMware Remote Console for Mac <= 11.x
- VMware Horizon Client for Mac <5.4.0
Unaffected version :
- VMware Fusion = 11.5.2
- VMware Remote Console for Mac = 11.0.1
- VMware Horizon Client for Mac = 5.4.0
At present, the vulnerability has been fixed in the latest version. The affected users are requested to upgrade to the unaffected version for protection.