CVE-2020-3988 : Security Advisory and Response

Learn about CVE-2020-3988 affecting VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4). Find out the impact, technical details, and mitigation steps.

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 parser) that could lead to a partial denial-of-service condition or memory leakage.

Understanding CVE-2020-3988

This CVE involves multiple out-of-bounds read issues via Cortado ThinPrint.

What is CVE-2020-3988?

CVE-2020-3988 is a vulnerability in VMware Workstation and Horizon Client for Windows that allows a malicious actor to exploit out-of-bounds read issues in the Cortado ThinPrint component.

The Impact of CVE-2020-3988

The vulnerability could enable an attacker with normal access to a virtual machine to create a partial denial-of-service condition or leak memory from the TPView process.

Technical Details of CVE-2020-3988

This section provides more technical insights into the CVE.

Vulnerability Description

        Out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 parser)

Affected Systems and Versions

        VMware Workstation (15.x)
        Horizon Client for Windows (5.x before 5.4.4)

Exploitation Mechanism

        A malicious actor with normal access to a virtual machine can exploit the vulnerability

Mitigation and Prevention

Protect your systems from CVE-2020-3988 with the following steps:

Immediate Steps to Take

        Apply the necessary security patches provided by VMware
        Monitor for any unusual activity on the affected systems

Long-Term Security Practices

        Regularly update and patch all software and applications
        Implement network segmentation to limit the impact of potential attacks

Patching and Updates

        Ensure that VMware Workstation and Horizon Client for Windows are updated to versions that address the vulnerability
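
To find hosts that still need the update, the affected ranges listed above can be checked against a software inventory. The following is an added example, not code from VMware or from this advisory; the CSV layout, host names, product display names and the assumption that all rows come from Windows hosts are constructed for illustration.

```python
import csv
import io
import re

# Constructed sample inventory (host names and versions are made up).
SAMPLE_INVENTORY = """host,product,version
ws-001,VMware Workstation,15.5.6
ws-002,VMware Workstation,16.0.0
vdi-101,VMware Horizon Client,5.4.3
vdi-102,VMware Horizon Client,5.4.10
vdi-103,VMware Horizon Client,5.4.4
vdi-104,VMware Horizon Client,4.10.0
lab-007,VMware Horizon Client,5.x-unknown
"""

def parse_version(text):
    """Return the version as a tuple of ints, or None if it is not purely numeric."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))

def classify(product, version):
    """Map one inventory row to 'affected', 'not-listed' or 'unknown'."""
    v = parse_version(version)
    if v is None:
        return "unknown"  # unparsable version string: needs manual review
    name = product.lower()
    if "workstation" in name:
        # Advisory: Workstation 15.x is affected (no fixed build is given on the page).
        return "affected" if v[0] == 15 else "not-listed"
    if "horizon client" in name:
        # Advisory: Horizon Client for Windows 5.x before 5.4.4.
        # Tuple comparison keeps 5.4.10 above 5.4.4; string comparison would not.
        return "affected" if v[0] == 5 and v < (5, 4, 4) else "not-listed"
    return "not-listed"

def triage(inventory_csv):
    """Return (host, product, version, status) for every inventory row."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [(r["host"], r["product"], r["version"],
             classify(r["product"], r["version"])) for r in rows]

if __name__ == "__main__":
    for host, product, version, status in triage(SAMPLE_INVENTORY):
        if status != "not-listed":
            print(f"{host}: {product} {version} -> {status}")
```

A status of "not-listed" only means the version falls outside the ranges this page names; rows marked "unknown" should be checked by hand.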
