/

CVE-2023-34058 Report - Details, Severity, & Advisorie...

CVE-2023-34058 Report - Details, Severity, & Advisories

Twingate Team

May 31, 2024

What is CVE-2023-34058?

CVE-2023-34058 is a high-severity vulnerability affecting VMware Tools and Open VM Tools software running on various operating systems. Systems running vulnerable versions of these tools on affected operating systems are at risk and should be updated to protect against potential attacks.

Who is impacted by CVE-2023-34058?

For VMware Tools, versions from 10.3.0 up to 12.3.4 are impacted, while for VMware Open VM Tools, versions from 11.0.0 up to 12.3.0 are affected. Users with guest operation privileges in a target virtual machine that has been assigned a more privileged guest alias are at risk. This security issue could allow a malicious actor to elevate their privileges, posing a threat to affected systems.

What should I do if I’m affected?

If you're affected by the CVE-2023-34058 vulnerability, it's crucial to update your VMware Tools or Open VM Tools software to a secure version. Follow these steps:

  1. Identify if your system is running a vulnerable version of VMware Tools (10.3.0 to 12.3.4) or Open VM Tools (11.0.0 to 12.3.0).

  2. For Open VM Tools, apply the provided patch for versions 11.0.0 through 12.3.0.

  3. For Debian 10 users, upgrade the open-vm-tools package to version 2:10.3.10-1+deb10u6.

  4. Monitor security updates and announcements for further guidance.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-34058 vulnerability, also known as VMware Tools SAML token signature bypass vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was published on October 27, 2023. There is no specific due date mentioned for addressing this vulnerability.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-347, which involves improper verification of cryptographic signatures.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-34058 Report - Details, Severity, & Advisorie...

CVE-2023-34058 Report - Details, Severity, & Advisories

Twingate Team

May 31, 2024

What is CVE-2023-34058?

CVE-2023-34058 is a high-severity vulnerability affecting VMware Tools and Open VM Tools software running on various operating systems. Systems running vulnerable versions of these tools on affected operating systems are at risk and should be updated to protect against potential attacks.

Who is impacted by CVE-2023-34058?

For VMware Tools, versions from 10.3.0 up to 12.3.4 are impacted, while for VMware Open VM Tools, versions from 11.0.0 up to 12.3.0 are affected. Users with guest operation privileges in a target virtual machine that has been assigned a more privileged guest alias are at risk. This security issue could allow a malicious actor to elevate their privileges, posing a threat to affected systems.

What should I do if I’m affected?

If you're affected by the CVE-2023-34058 vulnerability, it's crucial to update your VMware Tools or Open VM Tools software to a secure version. Follow these steps:

  1. Identify if your system is running a vulnerable version of VMware Tools (10.3.0 to 12.3.4) or Open VM Tools (11.0.0 to 12.3.0).

  2. For Open VM Tools, apply the provided patch for versions 11.0.0 through 12.3.0.

  3. For Debian 10 users, upgrade the open-vm-tools package to version 2:10.3.10-1+deb10u6.

  4. Monitor security updates and announcements for further guidance.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-34058 vulnerability, also known as VMware Tools SAML token signature bypass vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was published on October 27, 2023. There is no specific due date mentioned for addressing this vulnerability.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-347, which involves improper verification of cryptographic signatures.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-34058 Report - Details, Severity, & Advisories

Twingate Team

May 31, 2024

What is CVE-2023-34058?

CVE-2023-34058 is a high-severity vulnerability affecting VMware Tools and Open VM Tools software running on various operating systems. Systems running vulnerable versions of these tools on affected operating systems are at risk and should be updated to protect against potential attacks.

Who is impacted by CVE-2023-34058?

For VMware Tools, versions from 10.3.0 up to 12.3.4 are impacted, while for VMware Open VM Tools, versions from 11.0.0 up to 12.3.0 are affected. Users with guest operation privileges in a target virtual machine that has been assigned a more privileged guest alias are at risk. This security issue could allow a malicious actor to elevate their privileges, posing a threat to affected systems.

What should I do if I’m affected?

If you're affected by the CVE-2023-34058 vulnerability, it's crucial to update your VMware Tools or Open VM Tools software to a secure version. Follow these steps:

  1. Identify if your system is running a vulnerable version of VMware Tools (10.3.0 to 12.3.4) or Open VM Tools (11.0.0 to 12.3.0).

  2. For Open VM Tools, apply the provided patch for versions 11.0.0 through 12.3.0.

  3. For Debian 10 users, upgrade the open-vm-tools package to version 2:10.3.10-1+deb10u6.

  4. Monitor security updates and announcements for further guidance.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-34058 vulnerability, also known as VMware Tools SAML token signature bypass vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. It was published on October 27, 2023. There is no specific due date mentioned for addressing this vulnerability.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-347, which involves improper verification of cryptographic signatures.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.