VMware has issued a security advisory to address a significant vulnerability in its VMware Fusion product that could allow attackers to execute malicious code.
This vulnerability, identified as CVE-2024-38811, stems from the application’s use of an insecure environment variable. With a CVSSv3 score of 8.8, it is classified as important.
VMware Fusion 13.x Versions running on MacOS are affected. The vulnerability in VMware Fusion allows a malicious actor with standard user privileges to execute arbitrary code within the Fusion application’s context.
Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14 day free trial
This flaw is particularly concerning as it does not require elevated privileges to exploit, making it accessible to a broader range of potential attackers.
Broadcom has released an update to address this vulnerability. Users are advised to upgrade to the fixed version specified in VMware’s response matrix, which lists VMware Fusion 13.6 as the patched version.
There are no known workarounds for this vulnerability, making the update crucial for maintaining security. VMware has credited Mykola Grymalyuk of RIPEDA Consulting for responsibly reporting the issue, allowing the company to address the vulnerability before it could be exploited in the wild.
Users of VMware Fusion are urged to apply the update immediately to mitigate the risk of exploitation. Given the severity of the vulnerability, organizations should prioritize this update to protect their systems from potential attacks.
As of now, there are no known specific exploits in circulation for CVE-2024-38811.
How to Check the version of VMware Fusion installed
- Open VMware Fusion on your Mac.
- Click on “VMware Fusion” in the menu bar at the top of the screen.
- Select “About VMware Fusion” from the dropdown menu.
A window will appear displaying the version number of your VMware Fusion installation.
What Does MITRE ATT&CK Expose About Your Enterprise Security? - Watch Free Webinar!