All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2023-20867
NONEKEVpublish date unavailable
CVSS / 10
// description
VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. An attacker must have root access over ESXi to exploit this vulnerability.
// required action (CISA KEV)
Apply updates per vendor instructions.
added 2023-06-23 00:00 UTC