
VMware Fusion: Attackers Can Obtain Root Privileges

(Photo: Tatiana Popova/Shutterstock.com)

Broadcom has released an important security update for VMware Fusion. Successful exploitation of a vulnerability in the software could allow an attacker to obtain root-level privileges under certain circumstances. The developers have now closed the gap; a successful attack has profound and far-reaching consequences.

VMware Fusion enables the creation of virtual machines on macOS. Attackers can exploit a time-of-check to time-of-use (TOCTOU) vulnerability present in a SETUID binary. In this scenario, attackers wait for a specific time window between the checking of a resource and its use. This enables them to modify the resource and inject malicious content. As a result, they can obtain root privileges through an unknown method and ultimately achieve complete system control (CVE-2026-41702, rated as “high”). However, attackers must already be authenticated as a prerequisite for carrying out the attack.

This affects VMware Fusion version 25H2. The developers state that they have resolved the issue in version 26H27416.
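The check-then-use gap described above, shown as an added generic illustration of the bug class in C; it is not code from VMware Fusion or from the advisory. The function names `open_racy` and `open_checked` and the temporary file path are hypothetical, and the policy checks (regular file, expected owner, not writable by group or others) are assumptions chosen for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Race-prone pattern: the path is resolved twice. Between access() and
 * open() the name can be re-pointed at a different object, so the file
 * that was checked is not necessarily the file that gets opened. */
int open_racy(const char *path)
{
    if (access(path, R_OK) != 0)      /* check: evaluated with the real UID */
        return -1;
    return open(path, O_RDONLY);      /* use: second, independent lookup */
}

/* Hardened pattern: resolve the path once, then validate the descriptor.
 * fstat() describes the object actually held open, so changing what the
 * name points to afterwards cannot change what was checked. */
int open_checked(const char *path, uid_t owner)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC | O_NONBLOCK);
    if (fd < 0)
        return -1;                    /* a final-component symlink fails here */
    if (fstat(fd, &st) != 0 ||
        !S_ISREG(st.st_mode) ||       /* no devices, FIFOs or directories */
        st.st_uid != owner ||         /* must belong to the expected user */
        (st.st_mode & (S_IWGRP | S_IWOTH))) {  /* nobody else may write it */
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    char path[] = "/tmp/toctou_demo_XXXXXX";   /* constructed sample file */
    int tmp = mkstemp(path);                   /* created with mode 0600 */
    if (tmp < 0) return 1;
    close(tmp);
    int fd = open_checked(path, getuid());
    printf("own 0600 file: %s\n", fd >= 0 ? "accepted" : "rejected");
    if (fd >= 0) close(fd);
    unlink(path);
    return 0;
}
```

A privileged helper would continue to work only through the returned descriptor; reopening the file by name reintroduces the window.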

heise security News
