[German]Vulnerabilities exist in VMware Workstation, Fusion, VMware Remote Console, and Horizon Client that allow privilege escalation or denial of service (DoS). Security updates are available for the affected products.
Advertising
Just a few days ago I reported in the article VMware Security Updates (12./14.3.2020)that VMware had to patch several vulnerabilities in their products with security updates. Now there is a new round of patching which fixes vulnerabilities described in VMware security advisory VMSA-2020-0005 dated March 17, 2020. The following products are affected:
- VMware Workstation Pro / Player (Workstation)
- VMware Fusion Pro / Fusion (Fusion)
- VMware Remote Console for Mac (VMRC for Mac)
- VMware Horizon Client for Mac
- VMware Horizon Client for Windows
Older versions of the products contain the vulnerabilities CVE-2020-3950 and CVE-2020-3951, and updates are available for the listed products to address the vulnerabilities.
Privilege escalation vulnerability via setuid binaries (CVE-2020-3950)
VMware Fusion, VMRC for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries. VMware has rated the severity of this issue as Important severity with a maximum base CVSSv3 rating of 7.3.
Successful exploitation of this issue may allow attackers with normal user privileges to extend their privileges to root on the system where Fusion, VMRC, or Horizon client is installed. Updates are available for the listed products to address the vulnerabilities.
Denial of service vulnerability in Cortado Thinprint (CVE-2020-3951)
VMware Workstation and Horizon Client for Windows contain a denial of service vulnerability due to a heap overflow issue in Cortado Thinprint. VMware has rated the severity of this issue as low with a maximum base CVSSv3 rating of 3.2.
Advertising
Attackers with non-administrative access to a guest VM with virtual printing enabled could exploit this issue to create a denial of service state of the thinprint service running on the system where the workstation or Horizon client is installed. Updates are available for the listed products to address the vulnerabilities. (via).
