Patch/Configuration Management, Vulnerability Management

VMWare updates Tools fixing race condition

January 15, 2020

VMWare issued a single security advisory and patch for a vulnerability in its Tools product.

The flaw, CVE-2020-3941, affects VMware Tools for Windows version 10.x.y and can be mitigated by updating to version 11.0.

The vulnerability, rated as important, is a race condition that can be exploited enabling an unauthorized person from escalating their privileges on a Windows VM.

Doug Olenick

Vulnerability Management

Move to a risk-based vulnerability management approach

Alastair Williams February 13, 2025

By looking at bugs for asset importance, severity, threat activity, and network exposure, teams can set priorities and take targeted actions.

Vulnerability Management

Ivanti fixes 4 critical flaws, including CVSS 9.9 in Connect Secure

Laura FrenchFebruary 12, 2025

The flaws could enable remote code execution or arbitrary file writing and should be patched immediately.

Critical SonicWall SMA1000 bug patched amid active exploitation. (SonicWall)

Network Security

Addressed high-severity SonicWall firewall bug poses VPN hijacking threat

SC StaffFebruary 12, 2025

Potential intrusions commence with the delivery of a specially crafted session cookie with a base64-encoded null bytes string to the '/cgi-bin/sslvpnclient' SSL VPN authentication endpoint, prompting an improper session validation that logs out firewall users and enables attacker session hijacking, a report from Bishop Fox revealed.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Related Terms

Bug Buffer Overflow Disassembly