CVE-2020-3998 : Security Advisory and Response

Learn about CVE-2020-3998, an information disclosure vulnerability in VMware Horizon Client for Windows (5.x prior to 5.5.0) that could allow attackers to retrieve hashed credentials. Find mitigation steps and prevention measures here.

VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability that could allow a malicious attacker to retrieve hashed credentials in case of a client crash.

Understanding CVE-2020-3998

This CVE identifies a security flaw in VMware Horizon Client for Windows that could lead to the exposure of sensitive information.

What is CVE-2020-3998?

CVE-2020-3998 is an information disclosure vulnerability in VMware Horizon Client for Windows (5.x prior to 5.5.0) that could be exploited by a local attacker with specific privileges.

The Impact of CVE-2020-3998

The vulnerability could result in the unauthorized retrieval of hashed credentials by an attacker with local access to the affected system.

Technical Details of CVE-2020-3998

The details below apply to VMware Horizon Client for Windows (5.x prior to 5.5.0).

Vulnerability Description

        Type: Information disclosure
        Affected Version: VMware Horizon Client for Windows (5.x prior to 5.5.0)
        Attack Vector: Local
        Privileges Required: Low

Affected Systems and Versions

        Product: VMware Horizon Client for Windows
        Version: 5.x prior to 5.5.0

Exploitation Mechanism

        An attacker with local privileges on the machine can exploit the vulnerability.
        Hashed credentials can be retrieved if the client crashes.

Mitigation and Prevention

Protect your systems from CVE-2020-3998.

Immediate Steps to Take

        Update VMware Horizon Client for Windows to version 5.5.0 or later.
        Monitor system logs for any suspicious activities.
        Restrict access to vulnerable systems.
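
To confirm whether a given Windows endpoint still needs the update, the following added example (not part of the original advisory and not VMware code) reads the standard Uninstall registry keys and flags any Horizon Client whose version falls in the affected range, 5.x prior to 5.5.0. It assumes the product's DisplayName contains "Horizon Client" and that DisplayVersion starts with a dotted numeric version; the function name Test-HorizonClientAffected is hypothetical.

```powershell
# Added example: flag Horizon Client installs in the affected range (5.x prior to 5.5.0).
# Assumption: the DisplayName in the Uninstall registry keys contains "Horizon Client".

function Test-HorizonClientAffected {
    param([Parameter(Mandatory)][string]$DisplayVersion)
    # Keep only the leading dotted-numeric part (2 to 4 components).
    if ($DisplayVersion -notmatch '^\d+(\.\d+){1,3}') {
        return $null                      # unparseable: needs manual review
    }
    $v = [version]$Matches[0]
    # Affected: major version 5 and strictly below 5.5.0.
    return ($v.Major -eq 5 -and $v -lt [version]'5.5.0')
}

# 64-bit and 32-bit views of the machine-wide installed-software list.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$found = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*Horizon Client*' }

if (-not $found) {
    Write-Output 'No Horizon Client installation found in the Uninstall keys.'
}

foreach ($app in $found) {
    $affected = Test-HorizonClientAffected -DisplayVersion ([string]$app.DisplayVersion)
    if ($null -eq $affected) {
        $status = 'Unknown version format: check manually'
    } elseif ($affected) {
        $status = 'AFFECTED: update to 5.5.0 or later'
    } else {
        $status = 'Not in affected range'
    }
    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Name     = $app.DisplayName
        Version  = $app.DisplayVersion
        Status   = $status
    }
}
```

Run it locally or through an existing remote-management channel; any row with an AFFECTED status identifies a client that still needs the 5.5.0 update.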

Long-Term Security Practices

        Regularly update software and security patches.
        Implement the principle of least privilege to limit access.
        Conduct security training for employees on handling sensitive information.

Patching and Updates

        Apply security patches provided by VMware promptly.
        Stay informed about security advisories and updates from VMware.
