- Description
- VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
- Source
- security@vmware.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6
- Impact score
- 4
- Exploitability score
- 1.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
- Severity
- MEDIUM
- nvd@nist.gov
- CWE-125
- Hype score
- Not currently trending
Guest-to-host escape in VMware Workstation (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) Guest-to-host VM escape in VMware Workstation, stack buffer overflow in Bluetooth sharing leads to code execution (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/skOIkpX
@0xor0ne
24 Feb 2026
7838 Impressions
46 Retweets
167 Likes
73 Bookmarks
1 Reply
1 Quote
Guest-to-host escape in VMware Workstation (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/qAKnS15RLn Credits Alexander Zaviyalov (@NCCGroupInfosec) #infosec https://t.co/ki4WTtneE0
@0xor0ne
31 Dec 2025
9112 Impressions
32 Retweets
151 Likes
89 Bookmarks
0 Replies
0 Quotes
VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) by Alexander Zaviyalov (@NCCGroupInfosec) https://t.co/qAKnS15RLn #infosec https://t.co/ydixOPn1m9
@0xor0ne
26 Nov 2025
8445 Impressions
28 Retweets
167 Likes
78 Bookmarks
1 Reply
0 Quotes
VMware Workstation guest-to-host escape (CVE2023-20870/CVE-2023-34044 and CVE-2023- 20869) exploit development https://t.co/RYkYiV0Nay https://t.co/OkVpOT7ljB
@DavidJou734
26 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/DseNNxt7Ow Credits Alexander Zaviyalov (@NCCGroupInfosec) #infosec https://t.co/TVyvnLvR6q
@0xor0ne
25 Oct 2025
16596 Impressions
44 Retweets
201 Likes
102 Bookmarks
0 Replies
1 Quote
⚠️Prueba de concepto para vulnerabilidades en VMware ❗CVE-2023-20869 ❗CVE-2023-20870 ❗CVE-2023-34044 ➡️Más info: https://t.co/d8TEL7gAcr https://t.co/H86sY69BlP
@CERTpy
6 Oct 2025
131 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
VMware Workstationのホストエスケープ脆弱性(CVE-2023-20870/CVE-2023-34044, CVE-2023-20869)に対応するPoC(攻撃の概念実証コード)と解説をNCC Group社が公表。 https://t.co/s0dFyyxCdW
@__kokumoto
5 Oct 2025
1036 Impressions
2 Retweets
10 Likes
4 Bookmarks
0 Replies
0 Quotes
⚠️ Weekly vuln radar from https://t.co/8RzyA4nEyg: CVE-2024-3400 (@stevenadair) CVE-2025-24132 CVE-2025-43300 CVE-2025-5777 CVE-2025-55177 CVE-2023-34044 (@pr0Ln) CVE-2023-20870 CVE-2025-10035 CVE-2025-20333 https://t.co/Z18UZ0WhOF
@ptdbugs
3 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A great write-up of a VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023- 20869) exploit by Alex Zaviyalov has just been published! https://t.co/FLUcjiUDhB
@alexjplaskett
2 Oct 2025
16526 Impressions
69 Retweets
306 Likes
180 Bookmarks
3 Replies
2 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "118254F1-8F14-4573-B3A4-56EE365A41ED",
"versionEndExcluding": "17.5",
"versionStartIncluding": "17.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F574C812-1E1F-4991-9442-74E799DACAD8",
"versionEndExcluding": "13.5",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]