CVE-2019-5543

Name of the Vulnerable Software and Affected Versions VMware Horizon Client for Windows versions 5.x and prior before 5.3.0 VMware Remote Console for Windows versions 10.x before 11.0.0 VMware Workstation for Windows versions 15.x before 15.5.2

Description The issue is related to incorrect permission assignment for files in the VMware USB client service, affecting VMware Horizon Client, VMware Remote Console, and VMware Workstation for Windows operating systems. Exploitation of this issue may allow an attacker to execute arbitrary code. A local user on the system where the software is installed may exploit this issue to run commands as any user.

Recommendations For VMware Horizon Client for Windows versions 5.x and prior before 5.3.0, update to version 5.3.0 or later. For VMware Remote Console for Windows versions 10.x before 11.0.0, update to version 11.0.0 or later. For VMware Workstation for Windows versions 15.x before 15.5.2, update to version 15.5.2 or later.