Vulnerability: Privilege Escalation via Fake Application Directory in HashiCorp Vagrant VMware Fusion Plugin
CVE-2017-16777 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root.
Learn more about our Cis Benchmark Audit For Vmware.