===================================================================== CERT-Renater Note d'Information No. 2023/VULN223 _____________________________________________________________________ DATE : 14/06/2023 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running VMware Tools versions prior to 12.2.5. ===================================================================== https://www.vmware.com/security/advisories/VMSA-2023-0013.html _____________________________________________________________________ Low Advisory ID: VMSA-2023-0013 CVSSv3 Range: 3.9 Issue Date: 2023-06-13 Updated On: 2023-06-13 (Initial Advisory) CVE(s): CVE-2023-20867 Synopsis: VMware Tools update addresses Authentication Bypass vulnerability (CVE-2023-20867) 1. Impacted Products VMware Tools 2. Introduction An Authentication Bypass vulnerability in VMware Tools was responsibly reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products. 3a. Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867) Description VMware Tools contains an Authentication Bypass vulnerability in the vgauth module. VMware has evaluated the severity of this issue to be in the Low severity range with a maximum CVSSv3 base score of 3.9. Known Attack Vectors A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. Resolution To remediate CVE-2023-20867 update to the version listed in the 'Fixed Version' column of the 'Response Matrix' found below. Workarounds None. Additional Documentation Given the requirement that an attacker must have root access over ESXi to exploit the vulnerability described by CVE-2023-20867, please review 'vSphere Security: Proactive and Continuous' which describes a holistic approach to security best practices. Notes None. Acknowledgements VMware would like to thank Mandiant for reporting this issue to us. Response Matrix Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version Workarounds Additional Documentation VMware Tools 12.x.x, 11.x.x, 10.3.x Any CVE-2023-20867 3.9 low 12.2.5 None vSphere Security: Proactive and Continuous 4. References Fixed Version(s) and Release Notes: VMware Tools 12.2.5 https://customerconnect.vmware.com/downloads/details?downloadGroup=VMTOOLS1225&productId=1259&rPId=106172 Mitre CVE Dictionary Links: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20867 FIRST CVSSv3 Calculator: CVE-2023-20867: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N 5. Change Log 2023-06-13 VMSA-2023-0013 Initial security advisory. 6. Contact E-mail: security@vmware.com PGP key at: https://kb.vmware.com/kb/1055 VMware Security Advisories http://www.vmware.com/security/advisories VMware Security Response Policy https://www.vmware.com/support/policies/security_response.html VMware Lifecycle Support Phases https://www.vmware.com/support/policies/lifecycle.html VMware Security & Compliance Blog https://blogs.vmware.com/security Twitter https://twitter.com/VMwareSRC ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================