CVE-2017-4948 : Security Advisory and Response

Learn about CVE-2017-4948, an out-of-bounds read vulnerability in VMware Workstation and Horizon View Client software versions. Find out the impact, affected systems, exploitation details, and mitigation steps.

An out-of-bounds read vulnerability in TPView.dll has been found in VMware Workstation versions 14.x before 14.1.0 and 12.x, as well as Horizon View Client versions 4.x before 4.7.0. This vulnerability could potentially allow a guest to obtain information from the host or cause a Denial of Service on the Windows operating system.

Understanding CVE-2017-4948

This CVE involves an out-of-bounds read vulnerability in VMware Workstation and Horizon View Client software.

What is CVE-2017-4948?

CVE-2017-4948 is an out-of-bounds read vulnerability affecting VMware Workstation and Horizon View Client software versions.

The Impact of CVE-2017-4948

        Allows a guest to obtain information from the host system or cause a Denial of Service on the Windows OS.
        Exploitation possible when virtual printing is enabled.

Technical Details of CVE-2017-4948

This section provides technical details of the vulnerability.

Vulnerability Description

        Out-of-bounds read vulnerability in TPView.dll.
        Exploitation could lead to information leakage or Denial of Service.

Affected Systems and Versions

        VMware Workstation 14.x before 14.1.0 and 12.x.
        Horizon View Client 4.x before 4.7.0.

Exploitation Mechanism

        Exploitation requires virtual printing to be enabled.
        Virtual printing is disabled by default on Workstation but enabled by default on Horizon View.

Mitigation and Prevention

Steps to mitigate and prevent exploitation of CVE-2017-4948.

Immediate Steps to Take

        Disable virtual printing if not required.
        Apply patches provided by VMware.

Long-Term Security Practices

        Regularly update VMware software to the latest versions.
        Implement network segmentation to limit the impact of potential attacks.

Patching and Updates

        Apply the necessary patches released by VMware to address the vulnerability.
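
The affected version ranges and virtual printing defaults listed above can be applied to a software inventory to decide which hosts need the patch first. The Python below is an added example, not VMware's or this page's code; the inventory rows, product-name keys and status labels are assumptions constructed for illustration, and every 12.x release is treated as affected because this advisory names no fixed 12.x version.

```python
# Affected branches as listed in the advisory: major version -> first fixed release.
# None = the advisory names the whole branch without giving a fixed release.
AFFECTED = {
    "workstation": {14: (14, 1, 0), 12: None},
    "horizon view client": {4: (4, 7, 0)},
}
# Virtual printing default per the advisory, used when the setting is unknown.
VP_DEFAULT = {"workstation": False, "horizon view client": True}

def parse_version(text):
    """Turn '14.0.0 build-123' or '4.6' into a 3-tuple such as (14, 0, 0)."""
    head = text.strip().split()[0].split("-")[0]
    parts = [int(p) for p in head.split(".")[:3]]
    return tuple(parts + [0] * (3 - len(parts)))

def triage(product, version, virtual_printing=None):
    """Return 'not-affected', 'affected-not-exposed' or 'affected-exposed'."""
    key = product.strip().lower()
    branches = AFFECTED.get(key)
    if branches is None:
        return "not-affected"
    ver = parse_version(version)
    if ver[0] not in branches:
        return "not-affected"
    fixed = branches[ver[0]]
    if fixed is not None and ver >= fixed:
        return "not-affected"
    if virtual_printing is None:
        # Setting not recorded in the inventory: assume the product default.
        virtual_printing = VP_DEFAULT[key]
    return "affected-exposed" if virtual_printing else "affected-not-exposed"

# Constructed sample inventory: (host, product, version, virtual printing or None).
INVENTORY = [
    ("dev-01", "Workstation", "14.0.0 build-123", None),
    ("dev-02", "Workstation", "14.1.0", True),
    ("lab-07", "Workstation", "12.5.7", True),
    ("vdi-11", "Horizon View Client", "4.6", None),
    ("vdi-12", "Horizon View Client", "4.7.0", True),
]

def report(rows):
    """Map each host to its triage status."""
    return {host: triage(p, v, vp) for host, p, v, vp in rows}

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:8} {status}")
```

Hosts reported as affected-not-exposed still need the update, since the setting can be re-enabled later.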
