Command Injection Vulnerability in VMware Horizon View Client Allows Privilege Escalation on Mac OSX

Command Injection Vulnerability in VMware Horizon View Client Allows Privilege Escalation on Mac OSX

CVE-2017-4918 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.

Learn more about our User Device Pen Test.