PT-2020-3949 · Cortado · Cortado ThinPrint

Linhlhq · Published 2020-09-14 · Updated 2021-07-21 · CVE-2020-3990

CVSS v3.1: 6.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: VMware Workstation versions 15.x; Horizon Client for Windows versions 5.x before 5.4.4
Description: The issue is caused by an integer overflow in the Cortado ThinPrint component, which can lead to information disclosure. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from the TPView process. This is only possible if virtual printing has been enabled, a feature that is not enabled by default on Workstation but is enabled by default on Horizon Client for Windows.
Recommendations: For VMware Workstation version 15.x, update to a version where this issue is fixed. For Horizon Client for Windows versions 5.x before 5.4.4, update to version 5.4.4 or later. As a temporary workaround, consider disabling virtual printing to minimize the risk of exploitation.

Fix

Integer Overflow

Out of bounds Read

Weakness Enumeration

Related Identifiers

BDU:2020-04342
CVE-2020-3990
ZDI-20-1178

Affected Products

Cortado ThinPrint
Horizon Client for Windows
VMware Workstation