Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon Client for Windows

Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon Client for Windows

CVE-2020-3986 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.

Learn more about our Cis Benchmark Audit For Print Devices.