What is CVE-2023-34046?

CVE-2023-34046 is a medium-severity vulnerability in Vmware Fusion. CVSS score: 6.7/10. Published 2023-10-20.

How severe is CVE-2023-34046?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Vulnerability in Vmware Fusion

CVE-2023-34046

VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when…

EPSS: 0.001 (33.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Vmware Fusion — versions 13.x

References

www.vmware.com/security/advisories/VMSA-2023-0022.html

Frequently asked questions

What is CVE-2023-34046?: CVE-2023-34046 is a medium-severity vulnerability in Vmware Fusion. CVSS score: 6.7/10. Published 2023-10-20.
How severe is CVE-2023-34046?: Medium severity. CVSS v3 base score is 6.7 out of 10.