VMSA-2019-0023: VMware Workstation and Horizon View Agent updates address a DLL-hijacking issue

VMware

17 December 2019

17 December 2019

CLOSED

MEDIUM

6.3

CVE-2019-5539

VMware Security Advisories

Advisory ID: VMSA-2019-0023
Advisory Severity: Moderate
CVSSv3 Range: 6.3
Synopsis: VMware Workstation and Horizon View Agent updates address a DLL-hijacking issue (CVE-2019-5539)
Issue Date: 2019-12-20
Updated On: 2019-12-20 (Initial Advisory)
CVE(s): CVE-2019-5539
 
1. Impacted Products
  • VMware Workstation Pro / Player (Workstation)
  • VMware Horizon View Agent (View Agent)
 
2. Introduction
VMware Workstation and Horizon View Agent contain a DLL-hijacking issue. Patches are available to remediate this vulnerability in affected VMware products.
 
3. DLL hijacking vulnerability via Cortado Thinprint (CVE-2019-5539)

Description:

VMware Workstation and Horizon View Agent contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. VMware has evaluated the severity of this issue to be in the moderate severity range with a maximum CVSSv3 base score of 6.3.

 

Known Attack Vectors:

Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.

 

Resolution:

To remediate CVE-2019-5539, apply the patches listed in the 'Fixed Version' column of the 'Resolution Matrix' found below.

 

Workarounds:

None.

 

Additional Documentation:

None.

 

Acknowledgements:

VMware would like to thank Peleg Hadar of SafeBreach Labs for reporting this issue to us.

 

Response Matrix:

Product     | Version | Running On | CVE Identifier | CVSSV3 | Severity | Fixed Version              | Workarounds | Additional Documents
Workstation | 15.x    | Windows    | CVE-2019-5539  | 6.3    | Moderate | 15.5.1                     | None        | None
View Agent  | 7.x.x   | Windows    | CVE-2019-5539  | 6.3    | Moderate | 7.11.0 or 7.10.1 or 7.5.4  | None        | None
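
The matrix above can be turned into a fleet triage check. The following is an added example, not part of VMware's advisory: the host names and inventory rows are constructed, and it assumes that each of the three View Agent fixed versions covers only later releases on its own major.minor branch, with 7.11.0 covering everything after it.

```python
import re

# Fixed releases per product, copied from the advisory's matrix.
MATRIX = {
    "Workstation": {"major": 15, "fixed": [(15, 5, 1)]},
    "View Agent": {"major": 7, "fixed": [(7, 5, 4), (7, 10, 1), (7, 11, 0)]},
}

# Constructed sample inventory: (host, product, reported version).
INVENTORY = [
    ("ws-lab-01", "Workstation", "15.5.0"),
    ("ws-lab-02", "Workstation", "15.5.1"),
    ("vdi-01", "View Agent", "7.5.3"),
    ("vdi-02", "View Agent", "7.9.0"),
    ("vdi-03", "View Agent", "7.10.1"),
]

def parse_version(text):
    """Turn '7.10.1' or '15.5' (trailing text ignored) into a 3-tuple of ints."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def status(product, version_text):
    """Return 'fixed', 'vulnerable' or 'not-listed' for one installation."""
    entry = MATRIX.get(product)
    if entry is None:
        return "not-listed"
    v = parse_version(version_text)
    if v[0] != entry["major"]:
        return "not-listed"  # the advisory only lists 15.x and 7.x.x
    fixed = sorted(entry["fixed"])
    if v >= fixed[-1]:
        return "fixed"  # at or beyond the newest fixed release
    # Assumption: an older fixed release only covers its own major.minor branch.
    for f in fixed[:-1]:
        if v[:2] == f[:2] and v >= f:
            return "fixed"
    return "vulnerable"

def triage(inventory):
    """Hosts that still need the patch for CVE-2019-5539."""
    return [h for h, p, v in inventory if status(p, v) == "vulnerable"]

if __name__ == "__main__":
    for host in triage(INVENTORY):
        print(f"{host}: patch required (VMSA-2019-0023)")
```
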

5. Change log
 

2019-12-20 : VMSA-2019-0023
Initial security advisory in conjunction with the release of Horizon View Agent 7.10.1 and 7.5.4.

 

6. Contact

 

E-mail list for product security notifications and announcements:

https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

 

This Security Advisory is posted to the following lists:

  [email protected]

  [email protected]

  [email protected]

 

E-mail: [email protected]

PGP key at:

https://kb.vmware.com/kb/1055

 

VMware Security Advisories

https://www.vmware.com/security/advisories

 

VMware Security Response Policy

https://www.vmware.com/support/policies/security_response.html

 

VMware Lifecycle Support Phases

https://www.vmware.com/support/policies/lifecycle.html

 

VMware Security & Compliance Blog  

https://blogs.vmware.com/security

 

Twitter

https://twitter.com/VMwareSRC

 

Copyright 2019 VMware Inc. All rights reserved.