VMware patches Workstation Tools vulnerability (CVE-2020-3941)

VMware patches Workstation Tools vulnerability (CVE-2020-3941)

VMware has released security updates to address a local privilege escalation vulnerability (CVE-2020-3941) in VMware Tools for Windows.

According to the VMware advisory VMSA-2020-0002, the repair operation of VMware Tools for Windows has a race condition. As a result, VMware has assigned this High severity vulnerability a CVSSv3 score of 7.8.

“A malicious actor on the guest VM might exploit the race condition and escalate their privileges on a Windows VM,” VMware warned in the advisory.

This vulnerability affects VMware Tools for Windows version 10.x.y.

VMware recommends administrators upgrade to VMware Tools 11 or later to mitigate the issue.