Impact: High/Critical
TLP Rating: Clear
VMware Tools vulnerabilities (CVE-2023-34057 & CVE-2023-34058)
Release Date 30th of October 2023
CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provide the following advisory.
On the 30th of October 2023, CERT Vanuatu received an advisory from its collaborating partner, the Cybersecurity and Infrastructure Security Agency (CISA), about a VMware advisory release for VMware Tools.
What is it?
VMware Tools contains 2 known vulnerabilities (CVEs). The 2 CVEs are:
- a local privilege escalation vulnerability.
- a SAML token signature bypass vulnerability. VMware has evaluated the severity of this issue to be in the important severity range.
Attack Details
- CVE-2023-34057 - a malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine; and
- CVE-2023-34058 – a malicious attacker that has been granted “guest operation privilege” in a target virtual machine (VM) may be able to elevate their privileges if that target virtual machine has been assigned a more privileged guest alias (Guest Account in a virtual machine).
Affected Versions
| Product | Version | Running on | CVE Identifier | Severity |
|---|---|---|---|---|
| VMware Tools | 12.x.x, 11.x.x, 10.3.x | macOS | CVE-2023-34057 | Important |
| VMware Tools | 12.x.x, 11.x.x, 10.3.x | Windows | CVE-2023-34058 | Important |
What should I do to Stay Safe?
It is highly recommended that users and administrators apply patches to update to the fixed versions: for CVE-2023-34057, update to fixed version 12.1.1, and for CVE-2023-34058, update to fixed version 12.3.5.
VMware Tools 12.3.5 (Windows)
Downloads and Documentation links below:
https://customerconnect.vmware.com/en/downloads/details?downloadGroup=VMTOOLS1235&productId=1259&rPId=112353
https://docs.vmware.com/en/VMware-Tools/12.3/rn/vmware-tools-1235-release-notes/index.html
VMware Tools 12.1.1 (macOS)
Downloads and Documentation links below:
https://customerconnect.vmware.com/en/downloads/details?downloadGroup=VMTOOLS1235&productId=1259&rPId=112353
https://docs.vmware.com/en/VMware-Tools/12.3/rn/vmware-tools-1235-release-notes/index.html
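To find which guests still need the update, the following added example (not part of the original advisory or of any VMware tooling) triages an asset inventory against the affected ranges and fixed versions listed above. The inventory rows, the function names and the "review" status for platforms or versions the advisory does not mention are assumptions made for illustration.

```python
# Added example: triage a VMware Tools inventory against this advisory.
# Affected ranges and fixed versions are taken from the advisory text;
# the inventory rows are constructed sample data.

# platform -> (CVE, fixed version) as stated in the advisory
FIXED = {
    "macos": ("CVE-2023-34057", (12, 1, 1)),
    "windows": ("CVE-2023-34058", (12, 3, 5)),
}

def parse_version(text):
    """Turn '12.3.0' or '12.3.0.<build>' into a (major, minor, patch) tuple."""
    parts = text.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in parts[:3])

def in_affected_range(version):
    """Affected lines per the advisory table: 12.x.x, 11.x.x, 10.3.x."""
    major, minor, _ = version
    return major in (11, 12) or (major, minor) == (10, 3)

def triage(platform, version_text):
    """Return (status, cve); status is 'update', 'ok' or 'review'."""
    entry = FIXED.get(platform.lower())
    if entry is None:
        return ("review", None)   # platform not in the advisory's table
    cve, fixed = entry
    try:
        version = parse_version(version_text)
    except ValueError:
        return ("review", cve)    # unparseable version: check by hand
    if version >= fixed:
        return ("ok", cve)
    if in_affected_range(version):
        return ("update", cve)
    return ("review", cve)        # outside the listed ranges: not stated

INVENTORY = [  # constructed rows: (host, platform, VMware Tools version)
    ("build-mac-01", "macOS", "12.1.0"),
    ("fin-win-02", "Windows", "12.3.0.22234872"),
    ("hr-win-03", "Windows", "12.3.5"),
    ("lab-win-04", "Windows", "10.2.5"),
]

def report(rows):
    return [(host,) + triage(platform, ver) for host, platform, ver in rows]

if __name__ == "__main__":
    for host, status, cve in report(INVENTORY):
        print(f"{host:14} {status:7} {cve}")
```

Hosts reported as "review" fall outside what the advisory states and should be checked against the vendor's release notes by hand.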
Reference
- Download Advisory (English): VMware Tools vulnerabilities (CVE-2023-34057 & CVE-2023-34058)