March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability
June 11, 2020Rewterz Threat Alert – Valak Malware and the Connection to Gozi Loader
June 11, 2020Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability
June 11, 2020Rewterz Threat Alert – Valak Malware and the Connection to Gozi Loader
June 11, 2020
Severity
Medium
Analysis Summary
VMware ESXi, Workstation and Fusion contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine may be able to read privileged information contained in memory.
Impact
Information disclosure
Affected Vendors
VMware
Affected Products
- VMware ESXi 6.5
- VMware ESXi 6.7
- VMware Workstation 15.0
- VMware Fusion 11.0
Remediation
Refer to vendor’s advisory for the upgraded patches.
https://www.vmware.com/security/advisories/VMSA-2020-0012.html