VMware issued security advisories for VMware Workstation Pro/Player
and VMware Horizon.The two vulnerabilities in VMware Workstation Pro/Player (workstation), CVE-2019-5511 and CVE-2019-5512, are rated important and concern elevation of privilege issues. The organization said workstation does not handle paths and COM paths appropriately and a successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of privilege or allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege.Those affected should upgrade to VMware Workstation Pro
14.1.6, 15.0.3 or VMware Workstation Player 14.1.6, 15.0.3.The VMware Horizon flaw, CVE-2019-5513, is rated moderate
and is due to the VMware Horizon Connection Server containing an information
disclosure vulnerability. If exploited this issue may allow disclosure of
internal domain names, the Connection Server’s internal name, or the gateway’s
internal IP address.VMware recommends
updating to VMware Horizon 7 version 7.8, VMware Horizon 7 version 7.5.2 and VMware
Horizon 6 version 6.2.8.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds