Friday, September 20, 2024

Broadcom patches code execution flaw in VMware Fusion

Users are urged to update their software to the latest version to safeguard against this weakness

  • Flaw leaves virtual machines on macOS vulnerable to potential attackers with standard user privileges.

Broadcom has released critical updates to address a high-severity vulnerability affecting VMware Fusion 13.x, a software hypervisor utilised for running multiple operating systems concurrently on macOS.

The vulnerability, which scores 8.8 out of 10 on the severity scale, can be exploited by malicious actors with standard user privileges to execute arbitrary code within the context of the Fusion application. The root cause of this vulnerability lies in the use of an insecure environment variable.

VMware Fusion versions on macOS prior to 13.6 are affected, leaving virtual machines vulnerable to potential exploitation.

Users are urged to update their software to the latest version to safeguard against this weakness. No alternate workarounds or additional documentation have been provided at this time, so the update should be applied promptly.

Vigilant cybersecurity practices

VMware has acknowledged the identification of this flaw by Mykola Grymalyuk of RIPEDA Consulting, reflecting the importance of collaborative efforts in cybersecurity.

Following its response guidelines, VMware typically addresses vulnerabilities categorized within the “important” severity range during planned maintenance. However, issues rated as critical (those scoring 9.0/10 or higher) demand immediate corrective measures, underscoring the gravity of this particular situation.

In a broader context, the mounting threat posed by vulnerabilities in virtualization software is becoming increasingly apparent. Just prior, Microsoft issued warnings regarding several ransomware groups exploiting another VMware vulnerability—ESXi Authentication Bypass—scoring 6.8 out of 10.

Despite the existence of a patch, cybercriminals have continued to leverage this flaw, underscoring the critical need for regular updates and vigilant cybersecurity practices.

