=====================================================================
                           CERT-Renater
                 Information Note No. 2026/VULN510
_____________________________________________________________________

DATE                 : 18/05/2026

HARDWARE PLATFORM(S) : /

OPERATING SYSTEM(S)  : Systems running VMware Fusion versions prior to 26H1.

=====================================================================
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37454
_____________________________________________________________________

VMSA-2026-0003: VMware Fusion updates address privilege escalation vulnerability (CVE-2026-41702)

Product/Component        : VMware Fusion
Notification Id          : 37454
Last Updated             : 14 May 2026
Initial Publication Date : 14 May 2026
Status                   : OPEN
Severity                 : HIGH
CVSS Base Score          : 7.8
WorkAround               : None
Affected CVE             : CVE-2026-41702

Advisory ID       : VMSA-2026-0003
Advisory Severity : Important
CVSSv3 Range      : 7.8
Synopsis          : VMware Fusion updates address privilege escalation vulnerability (CVE-2026-41702)
Issue date        : 2026-05-14
Updated on        : 2026-05-14 (Initial Advisory)
CVE(s)            : CVE-2026-41702

1. Impacted Products

VMware Fusion

2. Introduction

A local privilege escalation vulnerability in VMware Fusion was privately reported to Broadcom. Updates are available to remediate this vulnerability in affected Broadcom products.

3. VMware Fusion TOCTOU local privilege escalation vulnerability (CVE-2026-41702)

Description:
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.

Known Attack Vectors:
A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.
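
The advisory gives no detail about the affected operation, so the following added example (not Broadcom's code and not part of the advisory) illustrates the general TOCTOU class in a SETUID program: a path-based check-then-open next to a descriptor-based form that validates the object actually opened. The function names, the constructed /tmp demo file and the ownership policy are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy: access() checks the name as the real UID, then open() resolves the
 * same name again as the effective UID. The object behind the name can
 * change in between, so the check does not cover what is opened. */
int open_checked_by_path(const char *path) {
    if (access(path, R_OK) != 0)
        return -1;
    return open(path, O_RDONLY);
}

/* Hardened: resolve the name once, then validate the object the descriptor
 * refers to. O_NOFOLLOW only guards the final path component.
 * Assumed policy: a regular file owned by the invoking (real) user. */
int open_checked_by_fd(const char *path) {
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;              /* ELOOP when the last component is a symlink */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != getuid()) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Helper: report whether an open succeeded, closing the descriptor. */
static int opened(int fd) { if (fd >= 0) close(fd); return fd >= 0; }

/* Constructed demo: returns 1 when the fd-based check accepts a regular
 * file and refuses a symlink to it, while the path-based check follows it. */
int demo(void) {
    char file[] = "/tmp/toctou_demo_XXXXXX", lnk[64];
    int tmp = mkstemp(file);
    if (tmp < 0) return -1;
    close(tmp);
    snprintf(lnk, sizeof lnk, "%s.lnk", file);
    if (symlink(file, lnk) != 0) { unlink(file); return -1; }
    int ok = opened(open_checked_by_fd(file))       /* regular file: accepted */
          && !opened(open_checked_by_fd(lnk))       /* symlink: refused */
          && opened(open_checked_by_path(lnk));     /* path check follows it */
    unlink(lnk); unlink(file);
    return ok;
}
int main(void) { printf("demo: %d\n", demo()); return 0; }
```

Where the operation allows it, a SETUID program can also switch its effective UID to the real UID before opening user-supplied paths, so that the kernel's permission check happens as part of the open itself.
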

Resolution:
To remediate CVE-2026-41702 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.

Workarounds:
None

Additional Documentation:
None.

Acknowledgments:
Broadcom would like to thank Mathieu Farrell (@coiffeur0x90) for reporting this issue to us.

Notes:
None.

Response Matrix:

  Product                  : VMware Fusion
  Version                  : 25H2
  Running On               : Any
  CVE                      : CVE-2026-41702
  CVSSv3                   : 7.8
  Severity                 : Important
  Fixed Version            : 26H1
  Workarounds              : None
  Additional Documentation : None

4. References

VMware Fusion 26H1 Downloads and Documentation:
https://support.broadcom.com/group/ecx/productfiles?subFamily=VMware%20Fusion&displayGroup=VMware%20Fusion%2026H1&release=26H1&os=&servicePk=543219&language=EN&freeDownloads=true
https://techdocs.broadcom.com/us/en/vmware-cis/desktop-hypervisors/fusion-pro/26H1/release-notes/vmware-fusion-26h1-release-notes.html

Mitre CVE Dictionary Links:
https://www.cve.org/CVERecord?id=CVE-2026-41702

FIRST CVSSv3 Calculator:
CVE-2026-41702: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

5. Change Log:

2026-05-14 VMSA-2026-0003
Initial security advisory.

6. Contact:

E-mail: vmware.psirt@broadcom.com

PGP key
https://knowledge.broadcom.com/external/article/321551

VMware Security Advisories
https://www.broadcom.com/support/vmware-security-advisories

VMware External Vulnerability Response and Remediation Policy
https://www.broadcom.com/support/vmware-services/security-response

VMware Lifecycle Support Phases
https://support.broadcom.com/group/ecx/productlifecycle

VMware Security Blog
https://blogs.vmware.com/security

X
https://x.com/VMwareSRC

Copyright 2026 Broadcom. All rights reserved.

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |  email:cert@support.renater.fr  +
=========================================================