CVE-2020-3941

The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11.

CVSS v3 7.0 HIGH
CVSS v2.0 4.4 MEDIUM

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.vmware.com/security/advisories/VMSA-2020-0002.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-01-15 20:15

Updated : 2023-12-10 13:13

NVD link : CVE-2020-3941

Mitre link : CVE-2020-3941

CVE.ORG link : CVE-2020-3941

JSON object : View

Products Affected

microsoft

windows

vmware

tools

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

{"id": "CVE-2020-3941", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}]}, "published": "2020-01-15T20:15:25.180", "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2020-0002.html", "tags": ["Vendor Advisory"], "source": "security@vmware.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11."}, {"lang": "es", "value": "La operaci\u00f3n de reparaci\u00f3n de VMware Tools para Windows versiones 10.x.y, tiene una condici\u00f3n de carrera que puede permitir una escalada de privilegios en la m\u00e1quina virtual donde est\u00e1 instalado Tools. Esta vulnerabilidad no est\u00e1 presente en VMware Tools versiones 11.x.y ya que la funcionalidad afectada no est\u00e1 presente en VMware Tools versi\u00f3n 11."}], "lastModified": "2020-02-05T19:56:44.260", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDEA7A5B-AA5F-48D0-80F0-C3B4486C547A", "versionEndExcluding": "11.0.0", "versionStartIncluding": "10.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@vmware.com"}