Main Vulnerability Database SB2023062239

SB2023062239 - SUSE update for open-vm-tools

Published: June 22, 2023

Security Bulletin ID SB2023062239

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Authentication (CVE-ID: CVE-2023-20867)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the vgauth module. An attacker who compromised the ESXi host can bypass authentication process and execute privileged commands across Windows, Linux, and PhotonOS (vCenter) guest VMs without authentication of guest credentials from a compromised ESXi host and no default logging on guest VMs.

Note, the vulnerability is being actively exploited in the wild by the UNC3886 APT actor.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20232604-1/