1. Impacted Products
VMware Workspace ONE Launcher
A privilege escalation vulnerability in VMware Workspace ONE Launch was responsibly reported to VMware. Updates are available to remediate this vulnerability in affected VMware products.
3. Privilege Escalation Vulnerability
Known Attack Vectors
A malicious actor with physical access to Workspace ONE Launcher could utilize the Edge Panel feature to bypass setup to gain access to sensitive information.
To remediate CVE-2023-34064 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below.
VMware would like to thank Bartek Pszczola of Defendable for reporting this issue to us.
Fixed Version(s) and Release Notes:
VMware Workspace ONE Launcher 23.11 Release Notes
Downloads and Documentation
Mitre CVE Dictionary Links:
FIRST CVSSv3 Calculator:
5. Change Log
Initial security advisory.
PGP key at:
VMware Security Advisories
VMware Security Response Policy
VMware Lifecycle Support Phases
VMware Security & Compliance Blog
Copyright 2023 VMware Inc. All rights reserved.