KLA12094
Multiple vulnerabilities in VMware Workstation and Player

Обновлено: 10/03/2021

Дата обнаружения	12/03/2020
Уровень угрозы	Critical
Описание	Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: A code execution vulnerability in VMware USB arbitration service can be exploited locally to execute arbitrary code. Use after free vulnerability in vmnetdhcp can be exploited to execute arbitrary code or cause denial of service. A privilege escalation vulnerability in Cortado Thinprint can be exploited locally to gain privileges.
Пораженные продукты	VMware Workstation 15.x earlier than 15.5.2 VMware Player 15.x earlier than 15.5.2
Решение	Update to the latest version Download VMWare Workstation
Первичный источник обнаружения	VMSA-2020-0004
Оказываемое влияние ?	ACE [?] DoS [?] PE [?]
Связанные продукты	VMware Workstation VMware Player
CVE-IDS	CVE-2019-55437.2High CVE-2020-39477.2High CVE-2020-39484.6Warning
	Узнай статистику распространения уязвимостей в твоем регионе

KLA12094Multiple vulnerabilities in VMware Workstation and Player