

Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability
June 11, 2020
Rewterz Threat Alert – Valak Malware and the Connection to Gozi Loader
June 11, 2020
Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability
June 11, 2020
Rewterz Threat Alert – Valak Malware and the Connection to Gozi Loader
June 11, 2020Severity
Medium
Analysis Summary
VMware ESXi, Workstation and Fusion contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine may be able to read privileged information contained in memory.
Impact
Information disclosure
Affected Vendors
VMware
Affected Products
- VMware ESXi 6.5
- VMware ESXi 6.7
- VMware Workstation 15.0
- VMware Fusion 11.0
Remediation
Refer to vendor’s advisory for the upgraded patches.
https://www.vmware.com/security/advisories/VMSA-2020-0012.html