PT-2021-3087 · Cortado+1 · Cortado Thinprint+2
Published
2021-05-20
·
Updated
2021-06-04
·
CVE-2021-21989
CVSS v3.1
6.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 16.x prior to 16.1.2
Horizon Client for Windows versions 5.x prior to 5.5.2
Description
The issue is related to an out-of-bounds read vulnerability in the Cortado ThinPrint component, specifically the TTC Parser. This vulnerability may allow a malicious actor with access to a virtual machine or remote desktop to exploit the issue, leading to information disclosure from the TPView process. The vulnerability is associated with information disclosure and may enable an attacker to gain unauthorized access to protected information.
Recommendations
For VMware Workstation versions 16.x prior to 16.1.2, update to version 16.1.2 or later.
For Horizon Client for Windows versions 5.x prior to 5.5.2, update to version 5.5.2 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cortado Thinprint
Horizon Client For Windows
Vmware Workstation