Syneto Knowledge

Open a ticket

CVE-2023-34057 (VMware Tools Privilege Escalation Vulnerability)

Administrator

Written By Christian Castagna (Administrator)

Updated at January 27th, 2025

Table of Contents

Vulnerability description Solution

This article provides information on how to mitigate the CVE-2023-34057 vulnerability.

→ Applies to: VMware Tools (from 10.3.0 to 12.1.0 included)

 

Vulnerability description

VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine.

SOURCES
NIST (https://nvd.nist.gov/vuln/detail/CVE-2023-34057)
VMware (https://www.vmware.com/security/advisories/VMSA-2023-0024.html)

 

Solution

Update VMware Tools with a not affected version (12.1.1 and above).

Related Articles

CVE-2024-6387 (regreSSHion attack)

This article provides information on how to mitigate the CVE-2024-6387 vulnerabil...

CVE-2023-48795 (Terrapin attack on SSH)

This article provides information on how to mitigate the CVE-2023-48795 vulnerabi...

CVE-2023-34058 (VMware Tools Token Signature Bypass Vulnerability)

This article provides information on how to mitigate the CVE-2023-34058 vulnerabi...

CVE-2023-20867 (VMware Tools Authentication Bypass Vulnerability)

This article provides information on how to mitigate the CVE-2023-20867 vulnerabi...