VMware Security Announcement VMSA-2020-0017

VMSA-2020-0017 was released today. This advisory covers VMware Fusion, VMware Remote Console and Horizon Client. The updates address a privilege escalation vulnerability (CVE-2020-3974). They also address VMSA-2020-0011, as noted in the updated advisory VMSA-2020-0011.1: https://www.vmware.com/security/advisories/VMSA-2020-0011.html

Impacted Products
  • VMware Fusion Pro / Fusion (Fusion)
  • VMware Remote Console for Mac (VMRC for Mac)
  • VMware Horizon Client for Mac

Introduction

A privilege escalation vulnerability in VMware Fusion, VMRC for Mac and Horizon Client for Mac was privately reported to VMware. Updates are available to address this vulnerability.

XPC Client validation privilege escalation vulnerability (CVE-2020-3974)

Description

VMware Fusion, VMRC for Mac and Horizon Client for Mac contain a privilege escalation vulnerability due to improper XPC Client validation. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.

Known Attack Vectors

Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC for Mac or Horizon Client for Mac is installed.

Resolution

For VMware Fusion, install version 11.5.5 to mitigate the issue. Download links are listed below.

To remediate VMRC for Mac, install version 11.2. Download links are listed below.

To remediate the Horizon Client for Mac, install version 5.4.3. Download links are listed below.
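
To check a Mac against the fixed versions named in this post, the following script is an added example; it is not part of the advisory or any VMware tooling. The bundle names under /Applications are assumed default install names and the status strings are this example's own.

```python
import plistlib
import re
import sys
from pathlib import Path
from xml.parsers.expat import ExpatError

# Fixed versions are the ones named in the advisory. The bundle names are
# assumed default install names and may differ on a given Mac.
FIXED = {
    "VMware Fusion.app": "11.5.5",
    "VMware Remote Console.app": "11.2.0",
    "VMware Horizon Client.app": "5.4.3",
}

def parse_version(text):
    """'11.5.5' -> (11, 5, 5); trailing zeros dropped so 11.2 == 11.2.0."""
    match = re.match(r"\d+(?:\.\d+)*", str(text).strip())
    parts = [int(p) for p in match.group().split(".")] if match else []
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def installed_version(bundle):
    """Read CFBundleShortVersionString from Info.plist; None if unreadable."""
    try:
        with (Path(bundle) / "Contents" / "Info.plist").open("rb") as fh:
            return plistlib.load(fh).get("CFBundleShortVersionString")
    except (OSError, ValueError, ExpatError, AttributeError):
        return None

def audit(app_dir="/Applications"):
    """Return {bundle: 'not installed' | 'unknown' | 'needs update' | 'fixed'}."""
    results = {}
    for name, fixed in FIXED.items():
        bundle = Path(app_dir) / name
        version = installed_version(bundle) if bundle.is_dir() else None
        if not bundle.is_dir():
            results[name] = "not installed"
        elif not version or not parse_version(version):
            results[name] = "unknown"
        elif parse_version(version) < parse_version(fixed):
            results[name] = "needs update"
        else:
            results[name] = "fixed"
    return results

if __name__ == "__main__":
    report = audit(sys.argv[1] if len(sys.argv) > 1 else "/Applications")
    for name, status in report.items():
        print(f"{name}: {status}")
    sys.exit(1 if "needs update" in report.values() else 0)
```

The script exits non-zero when any product is below its fixed version, so it can be run from a fleet management tool and flagged on failure.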

Fixed Version(s) and Release Notes:

VMware Fusion 11.5.5

Downloads and Documentation:

https://www.vmware.com/go/downloadfusion

https://docs.vmware.com/en/VMware-Fusion/index.html

VMware Horizon Client for Mac 5.4.3

Downloads and Documentation:

https://my.vmware.com/en/web/vmware/downloads/info/slug/desktop_end_user_computing/vmware_horizon_clients/5_0

https://docs.vmware.com/en/VMware-Horizon-Client/index.html

VMware Remote Console for Mac 11.2.0

Downloads and Documentation:

https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VMRC1120&productId=974

https://docs.vmware.com/en/VMware-Remote-Console/index.html

Here is the link to the official advisory:

https://www.vmware.com/security/advisories/VMSA-2020-0017.html