VMware Fusion 13.x code-execution bug patched

A high-severity VMware Fusion 13.x bug that can let a bad actor with only standard user privileges execute arbitrary code in the Fusion application was patched Tuesday by Broadcom.

Security pros said it’s a significant vulnerability because of its ability to execute arbitrary code without requiring elevated privileges, potentially compromising the host system and any virtual machines running on it.

“The risk is amplified in development and testing environments where sensitive code or data may be exposed across multiple virtual instances,” said Stephen Kowski, Field CTO at SlashNext email security. “To mitigate such threats, organizations should implement robust endpoint detection and response systems, employ advanced email security measures to prevent initial compromise, and maintain a proactive patching strategy.”

VMware Fusion is used primarily by developers, IT professionals, and power users on macOS to run multiple operating systems concurrently. Kowski said he used it for many years to run Kali and Windows VMs.

Venky Raju, Field CTO at ColorTokens, added that while primarily used by students and developers, VMware Fusion also gets used in environments where application software is available only on legacy operating systems and is run inside a virtual machine on a modern host. Raju said examples include running MS-DOS and Windows 98-based applications inside a virtual machine on Windows 10.

“Developers also use virtualization solutions, and the risk here is that if the virtual machine OS is being used for development, it may contain SSH keys and API credentials that hackers could attempt to steal,” said Raju.

The vulnerability — CVE-2024-38811 — was reported to VMware by Mykola Grymalyuk of RIPEDA Consulting.