# CVE-2023-20867

> A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

- **CVSS:** 3.9 (LOW)
- **EPSS:** 2.7%
- **CISA KEV:** yes
- **CWE:** CWE-287, NVD-CWE-noinfo

Canonical: https://intel.threadlinqs.com/cve/CVE-2023-20867
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp