CVE-2021-22000

Name of the Vulnerable Software and Affected Versions VMware ThinApp versions 5.x prior to 5.2.10

Description The issue is related to insecure loading of DLLs, which can be exploited to elevate privileges. A malicious actor with non-administrative privileges may exploit this vulnerability to gain administrator-level access on a Windows operating system with VMware ThinApp installed.

Recommendations For versions prior to 5.2.10, update to version 5.2.10 or later to resolve the issue. As a temporary workaround, consider restricting the loading of external DLLs to minimize the risk of exploitation.