this post was submitted on 04 Sep 2024
4 points (83.3% liked)

Security News

2458 readers
1 users here now

founded 2 years ago
MODERATORS
top 1 comments
sorted by: hot top controversial new old
[–] IllNess@infosec.pub 2 points 2 months ago

The security advisory is for version 13.x until 13.6 on the popular virtualization software for macOS. The bug — CVE-2024-38811 — has a CVSSv3 base score of 8.8 and is caused by an insecure environment variable. Mykola Grymalyuk of RIPEDA Consulting reported the vulnerability and VMWare has issued a patched version of the software.

The vulnerability allows a user with standard privileges to execute code within the Fusion application.