HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) prior to 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hashicorp vagrant vmware fusion |