CVE DATABASE / CVE-2020-3950
CVE-2020-3950
VMware Multiple Products Privilege Escalation Vulnerability
Confirmed exploited in the wild. Added 2021-11-03.
Federal remediation due 2022-05-03.
Required action: Apply updates per vendor instructions.
Summary
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed.
CVSS 3.1 breakdown
| Base score | 7.8 (HIGH) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://packetstormsecurity.com/files/156843/VMware-Fusion-11.5.2-Privilege-Escalation.html
- http://packetstormsecurity.com/files/157079/VMware-Fusion-USB-Arbitrator-Setuid-Privilege-Escalation.html
- https://www.vmware.com/security/advisories/VMSA-2020-0005.html
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3950
Data: NIST NVD + CISA KEV. NVD last modified 2025-10-30. Always verify against the vendor advisory before acting.