Fwd: [CIVN-2020-0274] Privilege Escalation Vulnerability in VMware Products

1 year ago 68

Severity Rating: HIGH

Software Affected

·         VMware Fusion 11.x versions prior to 11.5.5

·         VMware Remote Console for Mac versions prior to 11.2.0

·         Horizon Client for Mac versions prior to 5.4.3

Overview

A vulnerability has been reported in multiple VMware products which could

allow an attacker to gain elevated privileges on a targeted system.

Description

This vulnerability exists in affected products due to improper XPC Client

validation.

Successful exploitation of this vulnerability could allow an attacker with

normal user privileges to gain  root privileges on the targeted system.

Solution

Apply appropriate updates as mentioned in VMware Security Advisory:

Vendor Information

VMware

References

Securezoo

rability-cve-2020-3974/

CVE Name

CVE-2020-3974

About Cert Advisory

Related Posts

Read Entire Article