Rewterz Threat Advisory – CVE-2022-1197 – Mozilla Thunderbird Vulnerability
April 7, 2022Rewterz Threat Advisory – CVE-2022-26850 – Apache NiFi Vulnerability
April 7, 2022Rewterz Threat Advisory – CVE-2022-1197 – Mozilla Thunderbird Vulnerability
April 7, 2022Rewterz Threat Advisory – CVE-2022-26850 – Apache NiFi Vulnerability
April 7, 2022Severity
High
Analysis Summary
CVE-2022-22962 CVSS:7.3
VMware Horizon Client for Linux could allow a local authenticated attacker to gain elevated privileges on the system, caused by a vulnerable symbolic link. By linking the default shared folder to a root owned file, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2022-22964 CVSS:7.3
VMware Horizon Client for Linux could allow a local authenticated attacker to gain elevated privileges on the system, caused by a vulnerable configuration file. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain root privileges.
Impact
- Privilege Ecalation
Indicator Of Compromise
CVE
CVE-2022-22962
CVE-2022-22964
Affected Vendors
VMware
Affected Products
VMware Horizon Client for Linux 21
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.