Greetings from VMware Security Response Center.

Today, we would like to make you aware that the fix for CVE-2020-3950 in Fusion 11.5.2 is incomplete and addresses the issue partially. VMware security advisory VMSA-2020-0005 has been updated with instructions that complete the fix for Fusion 11.5.2. To remediate this issue completely, these instructions need to be followed after updating to Fusion 11.5.2.

We are working on the next release of Fusion which will have a complete fix for CVE-2020-3950. Please see VMSA-2020-0005 for more information.

Customers should review the available documentation and direct technical inquiries to VMware Support for further assistance.