CVE-2018-6970 : What You Need to Know

Learn about CVE-2018-6970, an out-of-bounds read vulnerability in VMware Horizon 6, 7, and Horizon Client, potentially allowing unauthorized access to privileged information. Find mitigation steps and preventive measures here.

A vulnerability has been identified in VMware Horizon 6, Horizon 7, and Horizon Client that could allow unauthorized access to privileged information.

Understanding CVE-2018-6970

This CVE involves an out-of-bounds read vulnerability in VMware Horizon products, potentially leading to information leakage.

What is CVE-2018-6970?

In VMware Horizon 6, Horizon 7, and Horizon Client releases earlier than the fixed versions (6.2.7, 7.5.1, and 4.8.1 respectively), the vulnerability allows lower-privileged users to access privileged process data.

The Impact of CVE-2018-6970

Exploiting this vulnerability could result in unauthorized access to sensitive information on systems with affected VMware products installed.

Technical Details of CVE-2018-6970

This section provides detailed technical information about the CVE.

Vulnerability Description

The vulnerability involves an out-of-bounds read in the Message Framework library of VMware Horizon products.

Affected Systems and Versions

        Affected Products: VMware Horizon 6, Horizon 7, and Horizon Client
        Vulnerable Versions: VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and earlier, before 4.8.1)
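
The version ranges above can be checked against a software inventory with a short script. The following is an added example, not code from VMware or from this page; the host names, the inventory rows and the `build-` suffix format are constructed assumptions, and only the fixed-version thresholds come from the text above.

```python
import re

# Fixed releases as stated in the advisory text above.
FIXED = {
    "horizon 6": (6, 2, 7),
    "horizon 7": (7, 5, 1),
    "horizon client": (4, 8, 1),
}
# Major branch each server entry applies to. The client entry covers
# "4.x.x and earlier", so it has no lower bound.
BRANCH = {"horizon 6": 6, "horizon 7": 7}


def parse_version(text):
    """Return (major, minor, patch) from strings such as '7.5.0 build-8583568'."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())


def classify(product, version):
    """Return 'vulnerable', 'fixed' or 'unknown' (needs manual review)."""
    key = product.strip().lower()
    if key not in FIXED:
        return "unknown"
    try:
        v = parse_version(version)
    except ValueError:
        return "unknown"
    # A product label that disagrees with the major version is an inventory
    # error, so do not guess which threshold applies.
    if key in BRANCH and v[0] != BRANCH[key]:
        return "unknown"
    # Tuple comparison is numeric: (7, 10, 0) sorts after (7, 5, 1),
    # whereas the strings "7.10.0" and "7.5.1" would sort the other way.
    return "vulnerable" if v < FIXED[key] else "fixed"


# Constructed sample inventory: (host, product, reported version).
INVENTORY = [
    ("vdi-cs01", "Horizon 7", "7.5.0 build-8583568"),
    ("vdi-cs02", "Horizon 7", "7.10.0"),
    ("vdi-old1", "Horizon 6", "6.2.6"),
    ("lap-114", "Horizon Client", "4.8.1"),
    ("lap-207", "Horizon Client", "3.5.2"),
    ("lap-311", "Horizon Client", "n/a"),
]

if __name__ == "__main__":
    for host, product, version in INVENTORY:
        print(f"{host:10} {product:15} {version:22} {classify(product, version)}")
```

Rows reported as `unknown` have a version string or product label that could not be matched to a threshold and should be checked by hand rather than assumed patched.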

Exploitation Mechanism

Exploiting this vulnerability allows users with lower privileges to access information from privileged processes on systems with affected VMware products.

Mitigation and Prevention

Protecting systems from CVE-2018-6970 requires immediate actions and long-term security practices.

Immediate Steps to Take

        Update VMware Horizon products to the fixed versions (Horizon 6 to 6.2.7, Horizon 7 to 7.5.1, Horizon Client to 4.8.1) to mitigate the vulnerability.
        Monitor and restrict user access to sensitive information.

Long-Term Security Practices

        Regularly update and patch VMware products to address security vulnerabilities.
        Implement the principle of least privilege to limit user access rights.

Patching and Updates

Apply security patches and updates provided by VMware to ensure the protection of systems from known vulnerabilities.
