CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: May 3, 2022

High

CISA KEVEPSS 17.9%

CVE-2020-3950

VMware—Multiple Products

VMware Fusion, Remote Console (VMRC) for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries that allows attackers to escalate privileges to root.

EPSS — Exploit Probability

17.9%

Higher than 95.0% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2020-3950

Vulnerability Overview

Severity: High
EPSS: 17.9%
CISA KEV: Yes
Ransomware: Unknown
Published: Nov 3, 2021
KEV Added: Nov 3, 2021
Due Date: May 3, 2022
Related Articles: 0

Vendor

VMware

Multiple Products