VMware Security Advisories

Advisory ID VMSA-2019-0023
Advisory Severity Moderate
CVSSv3 Range 6.3
Synopsis VMware Workstation and Horizon View Agent updates address a DLL-hijacking issue (CVE-2019-5539)
Issue Date 2019-12-20
Updated On 2019-12-20 (Initial Advisory)
CVE(s) CVE-2019-5539
 
1. Impacted Products
  • VMware Workstation Pro / Player (Workstation)
  • VMware Horizon View Agent (View Agent)
 
2. Introduction
VMware Workstation and Horizon View Agent contain a DLL-hijacking issue. Patches are available to remediate this vulnerability in affected VMware products.
 
3. DLL hijacking vulnerability via Cortado Thinprint (CVE-2019-5539)

Description:

VMware Workstation and Horizon View Agent contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint.  VMware has evaluated the severity of this issue to be in the moderate severity range with a maximum CVSSv3 base score of 6.3.

 

Known Attack Vectors:

Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.

 

Resolution:

To remediate CVE-2019-5539, apply the patches listed in the 'Fixed Version' column of the 'Resolution Matrix' found below.

 

Workarounds:

None.

 

Additional Documentations:

None.

 

Acknowledgements:

VMware would like to thank Peleg Hadar of SafeBreach Labs for reporting this issue to us.

 

Response Matrix:

Product Version Running On CVE Identifier CVSSV3 Severity Fixed Version Workarounds Additional Documents
Workstation
15.x Windows CVE-2019-5539
6.3
Moderate
15.5.1
None
None
View Agent 7.x.x Windows CVE-2019-5539 6.3 Moderate

7.11.0 or 7.10.1 or

7.5.4

None None

5. Change log
 

2019-12-20 : VMSA-2019-0023
Initial security advisory in conjunction with the release of Horizon View Agent 7.10.1 and 7.5.4.

 

6. Contact

 

E-mail list for product security notifications and announcements:

https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

 

This Security Advisory is posted to the following lists:

  security-announce@lists.vmware.com

  bugtraq@securityfocus.com

  fulldisclosure@seclists.org

 

E-mail: security@vmware.com

PGP key at:

https://kb.vmware.com/kb/1055

 

VMware Security Advisories

https://www.vmware.com/security/advisories

 

VMware Security Response Policy

https://www.vmware.com/support/policies/security_response.html

 

VMware Lifecycle Support Phases

https://www.vmware.com/support/policies/lifecycle.html

 

VMware Security & Compliance Blog  

https://blogs.vmware.com/security

 

Twitter

https://twitter.com/VMwareSRC

 

Copyright 2019 VMware Inc. All rights reserved.