CVE-2023-20867—VMware Tools Authentication Bypass Vulnerability
PUBLISHEDvulnerability record
2023-06-23 · last modified June 21, 2025
Metadata
漏洞名称
VMware Tools Authentication Bypass Vulnerability
描述
VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. An attacker must have root access over ESXi to exploit this vulnerability.
已知用于勒索软件活动吗?
采集行动
Apply updates per vendor instructions.