CVE-2023-20869

Published Apr 25, 2023

Last updated a year ago

CVSS high 8.2
VMware Workstation

Overview

Description
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
Source
security@vmware.com
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
8.2
Impact score
6
Exploitability score
1.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
CWE-787
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-787

Social media

Hype score
Not currently trending

  1. Guest-to-host escape in VMware Workstation (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) Guest-to-host VM escape in VMware Workstation, stack buffer overflow in Bluetooth sharing leads to code execution (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/skOIkpX

    @0xor0ne

    24 Feb 2026

    7838 Impressions

    46 Retweets

    167 Likes

    73 Bookmarks

    1 Reply

    1 Quote

  2. Guest-to-host escape in VMware Workstation (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/qAKnS15RLn Credits Alexander Zaviyalov (@NCCGroupInfosec) #infosec https://t.co/ki4WTtneE0

    @0xor0ne

    31 Dec 2025

    9112 Impressions

    32 Retweets

    151 Likes

    89 Bookmarks

    0 Replies

    0 Quotes

  3. VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) by Alexander Zaviyalov (@NCCGroupInfosec) https://t.co/qAKnS15RLn #infosec https://t.co/ydixOPn1m9

    @0xor0ne

    26 Nov 2025

    8445 Impressions

    28 Retweets

    167 Likes

    78 Bookmarks

    1 Reply

    0 Quotes

  4. VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/DseNNxt7Ow Credits Alexander Zaviyalov (@NCCGroupInfosec) #infosec https://t.co/TVyvnLvR6q

    @0xor0ne

    25 Oct 2025

    16596 Impressions

    44 Retweets

    201 Likes

    102 Bookmarks

    0 Replies

    1 Quote

  5. ⚠️Prueba de concepto para vulnerabilidades en VMware ❗CVE-2023-20869 ❗CVE-2023-20870 ❗CVE-2023-34044 ➡️Más info: https://t.co/d8TEL7gAcr https://t.co/H86sY69BlP

    @CERTpy

    6 Oct 2025

    131 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. VMware Workstationのホストエスケープ脆弱性(CVE-2023-20870/CVE-2023-34044, CVE-2023-20869)に対応するPoC(攻撃の概念実証コード)と解説をNCC Group社が公表。 https://t.co/s0dFyyxCdW

    @__kokumoto

    5 Oct 2025

    1036 Impressions

    2 Retweets

    10 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.CVE-2025-41236
  2. VMware ESXi and Workstation TOCTOU Race Condition VulnerabilityCVE-2025-22224
  3. VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.CVE-2023-34044
  4. VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.CVE-2023-20870

References

Sources include official advisories and independent security research.