February 27, 2021

TerabitWeb Blog

Fascinating Technology and Security Information

VMware security advisories issued

1 min read

Original Post from SC Magazine
Author: Doug Olenick

VMware issued security advisories for VMware Workstation Pro/Player
and VMware Horizon.

The two vulnerabilities in VMware Workstation Pro/Player (workstation), CVE-2019-5511 and CVE-2019-5512, are rated important and concern elevation of privilege issues. The organization said workstation does not handle paths and COM paths appropriately and a successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege or allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege.

Those affected should upgrade to VMware Workstation Pro
14.1.6, 15.0.3 or VMware Workstation Player 14.1.6, 15.0.3.

The VMware Horizon flaw, CVE-2019-5513, is rated moderate
and is due to the VMware Horizon Connection Server containing an information
disclosure vulnerability. If exploited this issue may allow disclosure of
internal domain names, the Connection Server’s internal name, or the gateway’s
internal IP address.

VMware recommends
updating to VMware Horizon 7 version 7.8, VMware Horizon 7 version 7.5.2 and VMware
Horizon 6 version 6.2.8.

The post VMware security advisories issued appeared first on SC Media.


Go to Source
Author: Doug Olenick

Copyright © All rights reserved. | Newsphere by AF themes.