VMware Workstation 15.x for Linux is also not affected by this vulnerabilityįor VMware Workstation 15.x for Windows. VMware Workstation 16.x is not affected by this vulnerability.
VMWARE HORIZON CLIENT 4.4 RELEASE NOTES INSTALL
To remediate the Horizon Client for Windows install patch 5.4.4. VMware has evaluated the severity of these issues to be in the Moderate severity range with a maximum CVSSv3 base score of 5.2.Ī malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. These issues exist in the EMF and JPEG2000 parsers. VMware Workstation and Horizon Client for Windows contain multiple out-of-bounds read vulnerabilities in Cortado ThinPrint component. VMware Fusion 12.x is not affected by this vulnerabilityįor VMware Fusion 11.x apply patch 11.5.7. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.7.Īn attacker with normal user privileges may exploit this issue to trick an admin user into executing malicious code on the system where Fusion is installed. VMware Fusion contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. PATH configuration privilege escalation vulnerability (CVE-2020-3980) Updates are available to remediate these vulnerabilities in affected VMware products. Multiple vulnerabilities in VMware Workstation, Fusion and Horizon Client were privately reported to VMware.
VMWARE HORIZON CLIENT 4.4 RELEASE NOTES PRO
VMware Workstation Pro / Player (Workstation).Updated security advisory to add Fusion 11.x version in the response matrix of section of CVE-2020-3980 and Workstation 15.x version in the response matrix of section of CVE-2020-3986, CVE-2020-3987, CVE-2020-3988 CVE-2020-3989, and CVE-2020-3990.
Today VMware released a new security announcement VMSA-2020-0020.