back to article Virtual machines, real problems: VMware fixes bug trio including guest-to-host hole in Workstation, Fusion

VMware has released security patches for a trio of bugs in its desktop-class virtualization products. The most serious of the holes, CVE-2020-3947, is a vulnerability in VMware Workstation and Fusion that can be exploited by a miscreant or malware in a guest VM to gain code execution on the host box via the vmnetdhcp component …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. amanfromMars 1 Silver badge

    Please be better advised. VMware are being economical with the truth

    To whom IT may be of concern.

    Successful exploitation of this issue, CVE-2020-3947, leads with/to code execution on the host from the guest and allows attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine.

    There are no ifs, buts or maybes. It is one of Virtualisation's Achilles Heels and/or Almighty Hammers.

    0 2 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021

Do not sell my personal information Cookies Privacy Ts&Cs