CVE-2023-20900: 
Bottlerocket vulnerability analysis and mitigation

CVE-2023-20900 is a SAML token signature bypass vulnerability discovered in VMware Tools and reported in August 2023. The vulnerability affects VMware Tools versions from 10.3.0 up to (excluding) 12.3.0 running on both Windows and Linux systems. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) (NVD, VMware Advisory).

The vulnerability allows a malicious actor with Guest Operation Privileges in a target virtual machine to potentially elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias. The vulnerability has been assigned a CVSS vector of CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating adjacent network attack vector, high attack complexity, no privileges required, and high impact on confidentiality, integrity, and availability (VMware Advisory, NVD).

Successful exploitation of this vulnerability could lead to privilege escalation, disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS) in affected systems. The vulnerability affects both Windows and Linux systems running vulnerable versions of VMware Tools (NetApp Advisory).

VMware has released patches to address this vulnerability in version 12.3.0 for Windows systems and version 10.3.26 for older Linux releases. For open-vm-tools, version 12.3.0 is available through Linux vendors. No workarounds are available, and users are advised to apply the available patches (VMware Advisory).

Multiple vendors and organizations have responded to this vulnerability by releasing security advisories and patches. Debian, Fedora, and NetApp have issued security advisories and provided fixes for their affected products (Debian Advisory, Fedora Update, NetApp Advisory).