CVE-2023-20854

Summary

VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.

Affected Software

VendorProductVersion RangeStatus
n/aVMware WorkstationVMware Workstation (17.x prior to 17.0.1)affected

Weaknesses

  • Arbitrary file deletion vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References