Privilege escalation bugs rarely make headlines the way remote code execution does, but they are the hinge on which most serious intrusions turn. An attacker who already has a foothold — a stolen low-privilege account, a compromised standard user — needs a way up. CVE-2026-41702 is one of those rungs. Disclosed by VMware (through Broadcom) and recorded in the National Vulnerability Database, it lets “a malicious actor with local non-administrative user privileges” escalate to root on any system where VMware Fusion is installed.
The mechanism is a classic, and the NVD record names it precisely: VMware Fusion “contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary.” Two ingredients combine here, and both matter. The first is a SETUID binary — an executable that, by design, runs with the privileges of its owner (root) rather than the privileges of the user who launched it. SETUID programs are a necessary evil on Unix-like systems: they let an unprivileged user perform a tightly scoped privileged action. But they are dangerous precisely because they execute privileged code on behalf of someone who is not privileged, so any flaw in them is a flaw that runs as root. The second ingredient is the TOCTOU race itself.
The CWE class: TOCTOU race condition
NVD classifies the flaw under CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition. The weakness describes a program that checks the state of a resource — typically a file: does it exist, who owns it, is it a symlink — and then, in a separate later step, acts on that resource, assuming the state has not changed in between. The gap between the “check” and the “use” is a window. An attacker who can manipulate the resource during that window — for example, swapping a benign file for a symbolic link pointing at a sensitive system file — can make the privileged program operate on a target it never validated. Because the operation runs inside a SETUID binary, the unauthorized action executes with root authority.
Concretely, TOCTOU exploits against SETUID binaries usually work by winning a race: the privileged program verifies that a path is safe to write, the attacker rapidly replaces that path with a link to something they should not be able to touch, and the program then writes — as root — to the attacker’s chosen target. Repeated attempts and timing tricks make these races practical even when the window is narrow. The fix for this class is to eliminate the gap by operating on a resource handle that cannot be substituted (for instance, opening a file once and acting on the descriptor rather than re-resolving the path), and to drop privileges before touching attacker-influenceable resources.
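The descriptor-based fix described above, written out as an added example in C (this is not VMware's code and says nothing about how Fusion's helper is built); the function names, the ownership policy enforced by fstat(), and the temporary-file fixture are assumptions for illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hardened open for a SETUID helper. There is no separate "check" step:
 * open once with O_NOFOLLOW, then validate the descriptor with fstat(),
 * which inspects the object we hold, not the path, so whatever is swapped
 * in at `path` after the open is never acted on. Policy is an assumption. */
int open_owned_regular_file(const char *path, uid_t owner)
{
    int fd = open(path, O_RDWR | O_NOFOLLOW | O_CLOEXEC); /* symlink: ELOOP */
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Drop the helper's root privileges to the real (calling) uid before it
 * touches attacker-influenceable paths. Returns 0 on success. */
int drop_to_caller(void)
{
    uid_t real = getuid();
    if (setuid(real) != 0) return -1;  /* as root this sets real+effective+saved */
    return geteuid() == real ? 0 : -1;
}

/* Constructed fixture: a regular file we own plus a symlink to it. Returns 1
 * when the open accepts the file, rejects the link, and the drop succeeds. */
int self_test(void)
{
    char dir[] = "/tmp/toctou-XXXXXX", file[64], alias[64];
    if (mkdtemp(dir) == NULL) return 0;
    snprintf(file, sizeof file, "%s/target", dir);
    snprintf(alias, sizeof alias, "%s/alias", dir);
    int w = open(file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (w < 0 || symlink(file, alias) != 0) return 0;
    close(w);
    int good = open_owned_regular_file(file, getuid());
    int bad = open_owned_regular_file(alias, getuid()); /* must be -1 */
    int ok = good >= 0 && bad < 0 && drop_to_caller() == 0;
    if (good >= 0) close(good);
    unlink(alias); unlink(file); rmdir(dir);
    return ok;
}
```

Note that the check on the descriptor can still be fooled by a hard link the caller created to a root-owned file; the st_uid and st_nlink tests are what reject that case, which is why the validation belongs after the open rather than before it.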
Why the CVSS is 7.8 High
The NVD record assigns a CVSS v3.1 base score of 7.8 (High), vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Each metric maps cleanly to the flaw. The attack vector is Local (AV:L) because the attacker must already be able to run code on the machine — this is an escalation bug, not a remote one. Attack complexity is rated Low (AC:L); although TOCTOU exploitation involves a race, the conditions are reliably winnable in practice. Privileges Required is Low (PR:L): the attacker needs a non-administrative local account but nothing more. No user interaction is needed (UI:N). And the impact is High across confidentiality, integrity, and availability (C:H/I:H/A:H) because root access on a Unix-like host means total control — read any file, alter any binary, take the machine down. The score stays in High rather than Critical mainly because the Local attack vector caps it; the same full C/I/A impact reachable over the network would score higher.
What is affected and how to remediate
The affected product is VMware Fusion, the desktop hypervisor that runs virtual machines on macOS. The vulnerability lives in the privileged SETUID component that Fusion installs to perform operations requiring elevated rights. VMware’s security advisory, now hosted on Broadcom’s support portal, is the authoritative source for the exact affected version ranges and the fixed build; administrators should consult it directly and apply the vendor-provided update.
The remediation is to install the patched version of Fusion identified in the Broadcom advisory. Until that is done, the relevant exposure is any multi-user or shared macOS host where an untrusted or lower-trust user can log in locally — because such a user could leverage this bug to seize root. On single-user developer laptops the immediate risk is lower, but it still matters as a post-compromise escalation path: malware or a phishing payload that lands as the logged-in user could chain this flaw to gain root and persistence. That chaining is the reason local privilege escalation bugs deserve prompt patching even though they cannot be triggered from the network. They are the second half of nearly every real attack, and a hypervisor with a SETUID helper running on developer Macs is exactly the kind of high-value, widely deployed target where one is most useful to an adversary.
The structural lesson echoes across the SETUID landscape: privileged helpers must treat every path they receive as hostile and must close the check-to-use gap that CWE-367 describes. For defenders without source access, the practical move is simpler — inventory which machines run Fusion, apply the Broadcom-published fix, and restrict local login on shared hosts so that the “local non-administrative user” the advisory warns about is never an untrusted one.