• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Coronavirus Campaigns – KBot, Azorult, CoronaVirus Ransomware, MBR Wiper
March 13, 2020
Rewterz Threat Advisory – Slack fixes Vulnerability Exploitable for Session Hijacking
March 17, 2020

Rewterz Threat Advisory – VMware Multiple Vulnerabilities

March 15, 2020

Severity

High

Analysis Summary

CVE-2019-5543

For VMware Horizon Client for Windows, VMRC for Windows and Workstation for Windows the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. A local user on the system where the software is installed may exploit this issue to run commands as any user.

CVE-2020-3947

VMware Workstation and Fusion contain a use-after vulnerability in vmnetdhcp. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition of the vmnetdhcp service running on the host machine.

CVE-2020-3948

Linux Guest VMs running on VMware Workstation and Fusion contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. Exploitation is only possible if virtual printing is enabled in the Guest VM. Virtual printing is not enabled by default on Workstation and Fusion. Local attackers with non-administrative access to a Linux guest VM with virtual printing enabled may exploit this issue to elevate their privileges to root on the same guest VM.

Impact

  • Unauthorized command execution
  • Denial of Service
  • Privilege Escalation

Affected Vendors

VMware

Affected Products

  • VMware Workstation Pro / Player (Workstation) 15.x
  • VMware Fusion Pro / Fusion (Fusion) 11.x
  • Horizon Client for Windows 5.x and prior
  • VMRC for Windows 10.x

Remediation

Update VMware Workstation Pro and Player to version 15.5.2: 

VMware Workstation Pro 15.5.2

https://www.vmware.com/go/downloadworkstation

https://docs.vmware.com/en/VMware-Workstation-Pro/index.html


VMware Workstation Player 15.5.2

https://www.vmware.com/go/downloadplayerhttps://docs.vmware.com/en/VMware-Workstation-Player/index.html

Update VMwareFusion to version 11.5.2:

VMware Fusion 11.5.2
https://www.vmware.com/go/downloadfusion
https://docs.vmware.com/en/VMware-Fusion/index.html

Update VMware Horizon Client for Windows to version 5.3.0:

VMware Horizon Client for Windows 5.3.0
https://my.vmware.com/web/vmware/details?downloadGroup=CART20FQ4_WIN_530&productId=863
https://docs.vmware.com/en/VMware-Horizon-Client/index.html

Update VMware Remote Console for Windows to 11.0.0:

VMware Remote Console for Windows 11.0.0
https://my.vmware.com/web/vmware/details?downloadGroup=VMRC1100&productId=742
https://docs.vmware.com/en/VMware-Remote-Console/index.html

  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.