Risk | High |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2019-5540 CVE-2019-5541 CVE-2019-5542 CVE-2019-5539 |
CWE-ID | CWE-200 CWE-787 CWE-20 CWE-427 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
VMware Workstation Client/Desktop applications / Virtualization software VMware Fusion Client/Desktop applications / Virtualization software VMware Horizon Server applications / Virtualization software |
Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU22738
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5540
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to information disclosure issue in vmnetdhcp. A remote authenticated attacker can leak memory from the host process and gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Workstation: 15.0.0 - 15.5.0
VMware Fusion: 11.0.0 - 11.5.0
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0021.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU22739
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5541
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input via the e1000e virtual network adapter. A remote administrator can trigger out-of-bounds write and execute arbitrary code on the target system, or create a denial-of-service (DoS) condition on their own VM.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Workstation: 15.0.0 - 15.5.0
VMware Fusion: 11.0.0 - 11.5.0
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0021.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU22740
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5542
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the RPC handler. A remote authenticated attacker can cause a denial-of-service condition on their own VM.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Workstation: 15.0.0 - 15.5.0
VMware Fusion: 11.0.0 - 11.5.0
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0021.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU23778
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5539
CWE-ID:
CWE-427 - Uncontrolled Search Path Element
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the target system.
The vulnerability exists due to insecure loading of a DLL by Cortado Thinprint. A local user can escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Workstation: 15.0.4 - 15.5.0
VMware Horizon: 7.5 - 7.10
External linkshttp://www.vmware.com/security/advisories/VMSA-2019-0023.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to open a a specially crafted file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.