Fwd: [CIVN-2020-0274] Privilege Escalation Vulnerability in VMware Products

Severity Rating: HIGH

Software Affected

· VMware Fusion 11.x versions prior to 11.5.5

· VMware Remote Console for Mac versions prior to 11.2.0

· Horizon Client for Mac versions prior to 5.4.3

Overview

A vulnerability has been reported in multiple VMware products which could

allow an attacker to gain elevated privileges on a targeted system.

Description

This vulnerability exists in affected products due to improper XPC Client

validation.

Successful exploitation of this vulnerability could allow an attacker with

normal user privileges to gain root privileges on the targeted system.

Solution

Apply appropriate updates as mentioned in VMware Security Advisory:

https://www.vmware.com/security/advisories/VMSA-2020-0017.html

Vendor Information

VMware

https://www.vmware.com/security/advisories/VMSA-2020-0017.html

References

Securezoo

https://www.securezoo.com/2020/07/vmware-patches-privilege-escalation-vulne

rability-cve-2020-3974/

CVE Name

CVE-2020-3974

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0274] Privilege Escalation Vulnerability in VMware Products

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive