Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20854

VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.

Published

2023-02-03T19:15:13.733

Last Modified

2025-03-26T14:15:28.260

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.4 (HIGH)

Weaknesses

Type: Primary
CWE-269
Type: Secondary
CWE-269

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	vmware	workstation	17.0	Yes
Operating System	microsoft	windows	-	No

References

https://www.vmware.com/security/advisories/VMSA-2023-0003.html Patch, Release Notes, Vendor Advisory ([email protected])
https://www.vmware.com/security/advisories/VMSA-2023-0003.html Patch, Release Notes, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)