PT-2021-3251 · Cortado+1 · Cortado Thinprint+2
Hjy79425575
+1
·
Published
2021-05-20
·
Updated
2021-06-04
·
CVE-2021-21987
CVSS v3.1
6.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 16.x prior to 16.1.2
Horizon Client for Windows versions 5.x prior to 5.5.2
Description
The issue is related to an out-of-bounds read vulnerability in the Cortado ThinPrint component, specifically the TTC Parser. This vulnerability can be exploited by a malicious actor with access to a virtual machine or remote desktop, potentially leading to information disclosure from the TPView process. The exploitation may allow a remote attacker to disclose protected information.
Recommendations
For VMware Workstation versions 16.x prior to 16.1.2, update to version 16.1.2 or later.
For Horizon Client for Windows versions 5.x prior to 5.5.2, update to version 5.5.2 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cortado Thinprint
Horizon Client For Windows
Vmware Workstation