CVE-2023-20854

VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.

Published: Feb 3, 2023
Updated: Apr 14, 2023
CVE: CVE-2023-20854
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.4
AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
vmware / workstation	17.0	17.0.x

https://www.vmware.com/security/advisories/VMSA-2023-0003.html

Vulnerability Database

289,599

CVE-2023-20854