Risk | Low |
Patch available | YES |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2017-4948 CVE-2017-4945 CVE-2017-4946 |
CWE-ID | CWE-125 CWE-264 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software Subscribe |
VMware Horizon Server applications / Virtualization software VMware Workstation Client/Desktop applications / Virtualization software VMware Fusion Client/Desktop applications / Virtualization software VMware vRealize Operations for Published Applications Server applications / Remote management servers, RDP, SSH |
Vendor |
VMware, Inc |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU9928
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-4948
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to obtain potentially sensitive information or cause DoS condition on the target system.
The weakness exists due to an out-of-bounds memory read error in Cortado ThinPrint ('TPView.dll'). An adjacent attacker can read arbitrary data on the host system or cause the View desktop system to crash.
Update VMware Horizon View to version 4.7.0.
Update VMware Workstation to version 14.1.
VMware Horizon: 4.0 - 4.6.1
VMware Workstation: 12.0.0 - 12.5.8
External linkshttp://www.vmware.com/security/advisories/VMSA-2018-0003.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9929
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-4945
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to gain unauthorized access to the target system.
The weakness exists due to insufficient security restrictions. An adjacent attacker can bypass certain security restrictions and gain access to a guest system that may result in further attacks.
Install update from vendor's website.
VMware Fusion: 8.0 - 10.0
VMware Workstation: 12.0.0 - 14.0
External linkshttp://www.vmware.com/security/advisories/VMSA-2018-0003.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU9930
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-4946
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to an unspecified condition in the vRealize Operations for Horizon and the vRealize Operations for Published Applications desktop agents. A local attacker can gain system privileges and perform further attacks.
Update to version 4.5.1.
VMware vRealize Operations for Published Applications: 6.0.0 - 6.5.0
: 6.0.0 - 6.5.0
External linkshttp://www.vmware.com/security/advisories/VMSA-2018-0003.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.