AI description
CVE-2023-20870 is an out-of-bounds read vulnerability found in VMware Workstation and Fusion. It exists in the functionality for sharing host Bluetooth devices with the virtual machine. An attacker with local administrative privileges on a virtual machine could exploit this vulnerability to read privileged information contained in hypervisor memory.
- Description
- VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
- Source
- security@vmware.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6
- Impact score
- 4
- Exploitability score
- 1.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) by Alexander Zaviyalov (@NCCGroupInfosec) https://t.co/qAKnS15RLn #infosec https://t.co/ydixOPn1m9
@0xor0ne
26 Nov 2025
8445 Impressions
28 Retweets
167 Likes
78 Bookmarks
1 Reply
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2021-28550 2 - CVE-2025-33073 3 - CVE-2023-20870 4 - CVE-2025-37947 5 - CVE-2025-22131 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Oct 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/DseNNxt7Ow Credits Alexander Zaviyalov (@NCCGroupInfosec) #infosec https://t.co/TVyvnLvR6q
@0xor0ne
25 Oct 2025
16596 Impressions
44 Retweets
201 Likes
102 Bookmarks
0 Replies
1 Quote
⚠️Prueba de concepto para vulnerabilidades en VMware ❗CVE-2023-20869 ❗CVE-2023-20870 ❗CVE-2023-34044 ➡️Más info: https://t.co/d8TEL7gAcr https://t.co/H86sY69BlP
@CERTpy
6 Oct 2025
131 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
VMware Workstationのホストエスケープ脆弱性(CVE-2023-20870/CVE-2023-34044, CVE-2023-20869)に対応するPoC(攻撃の概念実証コード)と解説をNCC Group社が公表。 https://t.co/s0dFyyxCdW
@__kokumoto
5 Oct 2025
1036 Impressions
2 Retweets
10 Likes
4 Bookmarks
0 Replies
0 Quotes
⚠️ Weekly vuln radar from https://t.co/8RzyA4nEyg: CVE-2024-3400 (@stevenadair) CVE-2025-24132 CVE-2025-43300 CVE-2025-5777 CVE-2025-55177 CVE-2023-34044 (@pr0Ln) CVE-2023-20870 CVE-2025-10035 CVE-2025-20333 https://t.co/Z18UZ0WhOF
@ptdbugs
3 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A great write-up of a VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023- 20869) exploit by Alex Zaviyalov has just been published! https://t.co/FLUcjiUDhB
@alexjplaskett
2 Oct 2025
16526 Impressions
69 Retweets
306 Likes
180 Bookmarks
3 Replies
2 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B628132D-043A-4989-9524-9FA53B1DEADC",
"versionEndExcluding": "13.0.2",
"versionStartIncluding": "13.0.0"
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53930936-892B-421E-B75C-BD2DEC4A09AA",
"versionEndExcluding": "17.0.2",
"versionStartIncluding": "17.0.0"
}
],
"operator": "OR"
}
]
}
]