CVE-2023-34059

HIGH Year: 2023
CVSS v3 Score
7.0
High
Weakness Type
CWE-404
View all →

Vulnerability Description

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

Related Vulnerabilities

CVE-2018-8120

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows ...

CWE-4042018

CVE-2018-8124

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows ...

CWE-4042018

CVE-2018-8166

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows ...

CWE-4042018

CVE-2018-8167

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka "Windows Common Log File System Driver Elevation of Privi...

CWE-4042018

CVE-2018-8169

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." T...

CWE-4042018

CVE-2018-8170

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Wi...

CWE-4042018