Detections
Analytics
VMware Tools 10.x < 11.0.0 Privilege Escalation (VMSA-2020-0002)
high Nessus Plugin ID 133208
Language:
Synopsis
A virtualization tool suite is installed on the remote Windows host is affected by a privilege escalation vulnerability.Description
The version of VMware Tools installed on the remote Windows host is 10.x, which is prior to 11.0.0. It is, therefore, affected by a race condition which may allow for privilege escalation in the virtual machine where Tools is installed.An authenticated, local attacker can exploit this to escalate their privileges on a Windows virtual machine.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to VMware Tools version 11.0.0 or later or apply the workaround mentioned in the vendor advisory.See Also
https://www.vmware.com/security/advisories/VMSA-2020-0002.html
Plugin Details
Severity: High
ID: 133208
File Name: vmware_tools_win_vmsa_2020_0002.nasl
Version: 1.7
Type: local
Agent: windows
Family: Windows
Published: 1/23/2020
Updated: 7/1/2021
Configuration: Enable paranoid mode
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 4.4
Temporal Score: 3.3
Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-3941
CVSS v3
Risk Factor: High
Base Score: 7
Temporal Score: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:vmware:tools
Required KB Items: Settings/ParanoidReport, SMB/Registry/Enumerated, installed_sw/VMware Tools, Host/ESXi/checked
Exploit Ease: No known exploits are available
Patch Publication Date: 1/14/2020
Vulnerability Publication Date: 1/15/2020
Reference Information
CVE: CVE-2020-3941
IAVB: 2020-B-0005-S
VMSA: 2020-0002