Rewterz Threat Alert – FormBook Malware – Active IOCs
July 14, 2021Rewterz Threat Advisory – Multiple Adobe Security Vulnerabilities
July 14, 2021Rewterz Threat Alert – FormBook Malware – Active IOCs
July 14, 2021Rewterz Threat Advisory – Multiple Adobe Security Vulnerabilities
July 14, 2021Severity
Medium
Analysis Summary
CVE-2021-22000
VMware Thinapp version contains a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp installed on it.
Impact
- Privilege escalation
- Unauthorized Access
Affected Vendors
VMware
Affected Products
- VMware ThinApp 5.x prior to 5.2.10
Remediation
Refer to VMware Security Advisory for the patch, upgrade, or suggested workaround information.
https://www.vmware.com/security/advisories/VMSA-2021-0015.html