CVE-2023-20870
VMware Workstation UHCI Component Uninitialized Variable Information Disclosure Vulnerability
Severity Score
6.0
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.
The specific flaw exists within the UHCI component. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the hypervisor.
*Credits:
Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) of STAR Labs SG Pte. Ltd.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-11-01 CVE Reserved
- 2023-04-25 CVE Published
- 2024-08-02 CVE Updated
- 2024-11-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.vmware.com/security/advisories/VMSA-2023-0008.html | 2023-05-04 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Fusion Search vendor "Vmware" for product "Fusion" | >= 13.0.0 < 13.0.2 Search vendor "Vmware" for product "Fusion" and version " >= 13.0.0 < 13.0.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | >= 17.0.0 < 17.0.2 Search vendor "Vmware" for product "Workstation" and version " >= 17.0.0 < 17.0.2" | - |
Affected
| ||||||