Description

VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.

Related CPE's

a

vmware

workstation

17.0

Vulnerable

o

microsoft

windows

-

References

https://www.vmware.com/security/advisories/VMSA-2023-0003.html

PatchRelease NotesVendor Advisory

https://www.vmware.com/security/advisories/VMSA-2023-0003.html

PatchRelease NotesVendor Advisory

Weaknesses

[email protected]

Primary
CWE-269

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-269

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

8.4 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-02-03T18:15:13.733Z

3 years ago

Last modified

2025-03-26T13:15:28.260Z

11 months ago