A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Critical Vulnerability in VMware Workstation and Fusion (CVE-2023-20869)

Critical Vulnerability in VMware Workstation and Fusion (CVE-2023-20869)

Advisory No: TZCERT/SA/2023/04/28

Date of First Release: 28th April 2023

Source: VMware

Software Affected: VMware Workstation17.x and VMware Fusion 13.x


VMware has released patches to address a critical vulnerability affecting VMware Workstation and VMware Fusion. The vulnerability could allow an attacker to take control of affected system.


VMware Workstation and VMware Fusion are infected with a stack-based buffer-overflow vulnerability in the functionality for sharing host Bluetooth devices with the virtual machine. The vulnerability allows a malicious an actor with local privilege to execute code as virtual machine’s VMX process running on the host. 


Successful exploitation of this vulnerability may allow the attacker to control of the affected system.


VMware has released patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.


  1. https://www.vmware.com/security/advisories/VMSA-2023-0008.html
  2. https://docs.vmware.com/en/VMware-Fusion/13.0.2/rn/vmware-fusion-1302-release-notes/index.html
  3. https://docs.vmware.com/en/VMware-Workstation-Pro/17.0.2/rn/vmware-workstation-1702-pro-release-notes/index.html

Check Also

OS Command Injection Vulnerability in PAN-OS GlobalProtect (CVE-2024-3400)

Advisory No: TZCERT/SA/2024/04/15 Date of First Release: 15th April 2024 Source: Palo Alto Software Affected: …