Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
August 31, 2023Successful Completion of HBL MfB Annual VAPT program and Source Code Review Project
August 31, 2023Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
August 31, 2023Successful Completion of HBL MfB Annual VAPT program and Source Code Review Project
August 31, 2023Severity
High
Analysis Summary
CVE-2023-20900
VMware Tools could allow a remote attacker to bypass security restrictions, caused by improper SAML token signature verification. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to perform VMware Tools Guest Operations
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-20900
Affected Vendors
VMware
Affected Products
- VMware Tools 11
- VMware Tools 12
- VMware Tools 10.3
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.