VMware has investigated CVE-2023-20869 and CVE-2023-20870 and has determined that the possibility of exploitation can be removed by performing the steps detailed in the Workaround section of this article.

This workaround is meant to be a temporary solution until updates documented in VMSA-2023-0008 can be deployed.

Resolution is documented in VMSA-2023-0008 .

Workaround:
The workaround for both CVE-2023-20869 and CVE-2023-20870 is to turn off the Bluetooth support on the virtual machine.

Uncheck the option "Share Bluetooth devices with the virtual machine" on the impacted products by following the procedure described here:

VMware Workstation Pro:
https://docs.vmware.com/en/VMware-Workstation-Pro/17/com.vmware.ws.using.doc/GUID-82E79E50-3073-4081-9FE6-0927076EA0AD.html
 

VMware Workstation Player:
https://docs.vmware.com/en/VMware-Workstation-Player-for-Windows/17.0/com.vmware.player.win.using.doc/GUID-82E79E50-3073-4081-9FE6-0927076EA0AD.html
 

VMware Fusion:
https://docs.vmware.com/en/VMware-Fusion/13/com.vmware.fusion.using.doc/GUID-9C42F404-F254-4E42-A5A7-2876B408FBB1.html