8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
48.8%
3a. Use-after-free vulnerability in vmnetdhcp (CVE-2020-3947)
VMware Workstation and Fusion contain a use-after vulnerability in vmnetdhcp.VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3.
3b. Local Privilege escalation vulnerability in Cortado Thinprint (CVE-2020-3948)
Linux Guest VMs running on VMware Workstation and Fusion contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8. Exploitation is only possible if virtual printing is enabled in the Guest VM. Virtual printing is not enabled by default on Workstation and Fusion.
3c. VMware Horizon Client, VMRC and Workstation privilege escalation vulnerability (CVE-2019-5543)
For VMware Horizon Client for Windows, VMRC for Windows and Workstation for Windows the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.3.
CPE | Name | Operator | Version |
---|---|---|---|
horizon client for windows | lt | 5.3.0 | |
vmrc for windows | lt | 11.0.0 | |
workstation for windows | lt | 15.5.2 | |
workstation | lt | 15.5.2 | |
fusion | lt | 11.5.2 | |
workstation | lt | 15.5.2 | |
fusion | lt | 11.5.2 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3947
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3948
docs.vmware.com/en/VMware-Fusion/index.html
docs.vmware.com/en/VMware-Horizon-Client/index.html
docs.vmware.com/en/VMware-Remote-Console/index.html
docs.vmware.com/en/VMware-Workstation-Player/index.html
docs.vmware.com/en/VMware-Workstation-Pro/index.html
my.vmware.com/web/vmware/details?downloadGroup=CART20FQ4_WIN_530&productId=863
my.vmware.com/web/vmware/details?downloadGroup=VMRC1100&productId=742
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
www.vmware.com/go/downloadfusion
www.vmware.com/go/downloadplayer
www.vmware.com/go/downloadworkstation
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
48.8%