VMware Security Announcement VMSA-2020-0024

Today VMware released a new security announcement, VMSA-2020-0024. It affects VMware Horizon Server and VMware Horizon Client, and the updates address multiple security vulnerabilities (CVE-2020-3997, CVE-2020-3998).

Impacted Products
  • VMware Horizon Server
  • VMware Horizon Client for Windows

VMware Horizon Server Cross Site Scripting (XSS) vulnerability (CVE-2020-3997)

Description

VMware Horizon Server does not correctly validate user input. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.1.

Known Attack Vectors

Successful exploitation of this issue may allow an attacker to inject malicious script which will be executed.

Resolution

Horizon Server 8.x is not affected by this vulnerability.

For Horizon Server 7.x, apply patch 7.10.3 or 7.13.0. Download links will be provided below.

VMware Horizon Client for Windows information disclosure vulnerability (CVE-2020-3998)

Description

VMware Horizon Server does not correctly validate user input. VMware has evaluated the severity of this issue to be in the Low severity range with a maximum CVSSv3 base score of 3.3.

Known Attack Vectors

A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes.

Resolution

For Horizon Client for Windows 5.x and prior, install patch 5.5.0. Download links will be provided below.
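The two resolutions above reduce to a version check, so here is an added example (my own code, not VMware's) that triages a constructed host inventory against the fixed builds named in this post: Horizon Server 8.x is not affected, Horizon Server 7.x is fixed at 7.10.3 or 7.13.0, and Horizon Client for Windows 5.x and prior is fixed at 5.5.0. The inventory records, host names and the `triage` helper are invented for the example; one assumption not spelled out in the advisory is that 7.x builds other than 7.10.3+ and 7.13.0+ (for instance 7.11 or 7.12) are treated as still needing one of those two patches.

```python
"""Triage a host inventory against the fixed versions in VMSA-2020-0024.

Added example, not VMware's code. Fixed-version logic follows the
advisory text; the inventory at the bottom is constructed sample data.
"""
from typing import Dict, List, Tuple


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '7.10.3' into (7, 10, 3); pad short strings so '7.10' == (7, 10, 0)."""
    parts = tuple(int(p) for p in text.strip().split("."))
    return parts + (0,) * max(0, 3 - len(parts))


def server_status(version: str) -> Tuple[bool, str]:
    """Return (needs_patch, note) for a Horizon Server build (CVE-2020-3997)."""
    v = parse_version(version)
    if v[0] >= 8:
        return False, "Horizon Server 8.x is not affected"
    if v[0] == 7:
        if v >= (7, 13, 0):
            return False, "at or above 7.13.0"
        # The 7.10 branch received its own fix in 7.10.3.
        if (7, 10, 3) <= v < (7, 11, 0):
            return False, "at or above 7.10.3"
        # Assumption: every other 7.x build (7.9, 7.11, 7.12, ...) is
        # affected until it reaches 7.10.3 or 7.13.0.
        return True, "apply 7.10.3 or 7.13.0"
    return True, "pre-7.x release: upgrade to 7.10.3 or 7.13.0"


def client_status(version: str) -> Tuple[bool, str]:
    """Return (needs_patch, note) for Horizon Client for Windows (CVE-2020-3998)."""
    v = parse_version(version)
    if v >= (5, 5, 0):
        return False, "at or above 5.5.0"
    return True, "5.x and prior: install 5.5.0"


CHECKS = {
    "Horizon Server": server_status,
    "Horizon Client for Windows": client_status,
}


def triage(inventory: List[Dict[str, str]]) -> List[Tuple[str, str, str, bool, str]]:
    """Evaluate each inventory record; unknown products are flagged for review."""
    results = []
    for rec in inventory:
        check = CHECKS.get(rec["product"])
        if check is None:
            results.append((rec["host"], rec["product"], rec["version"],
                            True, "product not covered by this check; review manually"))
            continue
        needs_patch, note = check(rec["version"])
        results.append((rec["host"], rec["product"], rec["version"], needs_patch, note))
    return results


# Constructed sample inventory; host names and versions are invented.
SAMPLE_INVENTORY = [
    {"host": "cs-01", "product": "Horizon Server", "version": "7.10.2"},
    {"host": "cs-02", "product": "Horizon Server", "version": "7.10.3"},
    {"host": "cs-03", "product": "Horizon Server", "version": "7.12.0"},
    {"host": "cs-04", "product": "Horizon Server", "version": "8.0.0"},
    {"host": "ws-101", "product": "Horizon Client for Windows", "version": "5.4.3"},
    {"host": "ws-102", "product": "Horizon Client for Windows", "version": "5.5.0"},
]


def hosts_needing_patch(inventory: List[Dict[str, str]]) -> List[str]:
    """Convenience view: just the host names that still need action."""
    return [host for host, _, _, needs, _ in triage(inventory) if needs]


if __name__ == "__main__":
    for host, product, version, needs, note in triage(SAMPLE_INVENTORY):
        flag = "PATCH" if needs else "ok   "
        print(f"{flag} {host:8} {product:28} {version:8} {note}")
```

Feed the functions your real inventory export in place of `SAMPLE_INVENTORY`; the version strings only need to be dotted integers, so a fourth build component such as `7.13.0.12345` compares correctly as well.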

References

Fixed Version(s) and Release Notes:

Horizon Server 7.10.3 / 7.13.0

Downloads and Documentation:

https://my.vmware.com/en/web/vmware/downloads/info/slug/desktop_end_user_computing/vmware_horizon/7_10

https://docs.vmware.com/en/VMware-Horizon-7/index.html

Horizon Client for Windows 5.5.0

Downloads and Documentation:

https://my.vmware.com/en/web/vmware/downloads/details?downloadGroup=CART21FQ3_WIN_550&productId=863&rPId=53321

https://docs.vmware.com/en/VMware-Horizon-Client/index.html

Lastly, here is a link to the official advisory from VMware:

https://www.vmware.com/security/advisories/VMSA-2020-0024.html

Happy Patching!