CVE-2020-3951

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 15.x before 15.5.2 Horizon Client for Windows versions 5.x and prior before 5.4.0

Description The issue is related to a heap-overflow problem in the Cortado Thinprint component, which can be exploited to create a denial-of-service condition. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issue to disrupt the Thinprint service.

Recommendations For VMware Workstation versions 15.x before 15.5.2, update to version 15.5.2 or later. For Horizon Client for Windows versions 5.x and prior before 5.4.0, update to version 5.4.0 or later. As a temporary workaround, consider disabling the virtual printing feature in the guest VM to minimize the risk of exploitation.