Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability

Rewterz Threat Advisory – SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

June 11, 2020

Rewterz Threat Advisory – CVE-2020-3960 – VMware ESXi, Workstation and Fusion information disclosure Vulnerability

June 11, 2020

Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability

Severity

High

Analysis Summary

VMware Horizon Client for Windows contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user.

Impact

Privilege escalation

Affected Vendors

VMware

Affected Products

VMware Horizon Client for Windows

Remediation

Refer to vendor’s advisory for the list of upgraded patches.

https://www.vmware.com/security/advisories/VMSA-2020-0013.html

Rewterz Threat Advisory – SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

Rewterz Threat Advisory – CVE-2020-3960 – VMware ESXi, Workstation and Fusion information disclosure Vulnerability

Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan