back to article Virtual machines, real problems: VMware fixes bug trio including guest-to-host hole in Workstation, Fusion

VMware has released security patches for a trio of bugs in its desktop-class virtualization products. The most serious of the holes, CVE-2020-3947, is a vulnerability in VMware Workstation and Fusion that can be exploited by a miscreant or malware in a guest VM to gain code execution on the host box via the vmnetdhcp component …

  1. amanfromMars 1 Silver badge

    Please be better advised. VMware are being economical with the truth

    To whom IT may be of concern.

    Successful exploitation of this issue, CVE-2020-3947, leads with/to code execution on the host from the guest and allows attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine.

    There are no ifs, buts or maybes. It is one of Virtualisation's Achilles Heels and/or Almighty Hammers.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020