New Update Security update for VMware Tools v12.3.0 for Windows, and v10.3.26 Linux (CVE-2023-20900)


Thread author
Staff Member
Jan 8, 2011

Impacted Products​

  • VMware Tools
A SAML token signature bypass vulnerability in VMware Tools was responsibly reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.

SAML Token Signature Bypass vulnerability (CVE-2023-20900)​

VMware Tools contains a SAML token signature bypass vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.

Known Attack Vectors
A malicious actor with man-in-the-middle (MITM) network positioning in the virtual machine network may be able to bypass SAML token signature verification, to perform VMware Tools Guest Operations.

To remediate CVE-2023-20900 apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.

ProductVersionRunning onCVE IdentifierCVSSv3SeverityFixed VersionWorkaroundsAdditional Documentation
VMware Tools12.x.x, 11.x.x, 10.3.xWindowsCVE-2023-209007.5Important12.3.0NoneNone
VMware Tools10.3.xLinuxCVE-2023-209007.5Important[1] 10.3.26NoneNone
[2] VMware Tools (open-vm-tools)12.x.x, 11.x.x, 10.3.xLinuxCVE-2023-209007.5Important[3] 12.3.0NoneNone

Release notes:
  • Updated OpenSSL version to 3.0.8.
  • Updated libxml2 version to 2.10.4.
  • Updated glib version to 2.71.1.
  • Updated libffi version to 3.3.
  • This release resolves CVE-2023-20900.
  • From VMware Tools 12.3.0 version onwards, workload notifications for NSX distributed malware prevention is enabled.
  • VMware Tools 12.3.0 version provides support for Windows Arm VMs running on VMware Fusion on Apple silicon.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.