CVE-2019-5539 - OpenCVE

VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Vmware	Horizon View Agent Workstation

Configuration 1 [-]

AND

OR	cpe:2.3:a:vmware:horizon_view_agent::::::::
	cpe:2.3:a:vmware:horizon_view_agent::::::::
	cpe:2.3:a:vmware:workstation::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.vmware.com/security/advisories/VMSA-2019-0023.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2019-12-23T19:20:50

Updated: 2024-08-04T20:01:51.796Z

Reserved: 2019-01-07T00:00:00

Link: CVE-2019-5539

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-12-23T20:15:11.080

Modified: 2021-07-21T11:39:23.747

Link: CVE-2019-5539

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "VMware Workstation", "vendor": "VMware", "versions": [{"status": "affected", "version": "15.x prior to 15.5.1"}]}, {"product": "Horizon View Agent", "vendor": "VMware", "versions": [{"status": "affected", "version": "7.10.x prior to 7.10.1"}, {"status": "affected", "version": "7.5.x prior 7.5.4"}]}], "descriptions": [{"lang": "en", "value": "VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed."}], "problemTypes": [{"descriptions": [{"description": "DLL hijacking vulnerability via Cortado Thinprint", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-12-23T19:20:50", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.vmware.com/security/advisories/VMSA-2019-0023.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2019-5539", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware Workstation", "version": {"version_data": [{"version_value": "15.x prior to 15.5.1"}]}}, {"product_name": "Horizon View Agent", "version": {"version_data": [{"version_value": "7.10.x prior to 7.10.1"}, {"version_value": "7.5.x prior 7.5.4"}]}}]}, "vendor_name": "VMware"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "DLL hijacking vulnerability via Cortado Thinprint"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2019-0023.html", "refsource": "CONFIRM", "url": "https://www.vmware.com/security/advisories/VMSA-2019-0023.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:01:51.796Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.vmware.com/security/advisories/VMSA-2019-0023.html"}]}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2019-5539", "datePublished": "2019-12-23T19:20:50", "dateReserved": "2019-01-07T00:00:00", "dateUpdated": "2024-08-04T20:01:51.796Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:horizon_view_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "E771545A-116C-47FB-B1A2-C773601AF4C8", "versionEndExcluding": "7.5.4", "versionStartIncluding": "7.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EAF91D4-90A8-446B-A2B1-5C6B65BA97C9", "versionEndExcluding": "7.10.1", "versionStartIncluding": "7.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "matchCriteriaId": "13B332C2-587E-49DB-8346-7F87BBE2E44F", "versionEndExcluding": "15.5.1", "versionStartIncluding": "15.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed."}, {"lang": "es", "value": "VMware Workstation (versiones 15.x anteriores a 15.5.1) y Horizon View Agent (versiones 7.10.x anteriores a 7.10.1 y versiones 7.5.x anteriores a 7.5.4), contienen una vulnerabilidad de secuestro de DLL debido a la carga no segura de una DLL por Cortado Thinprint . Una explotaci\u00f3n con \u00e9xito de este problema puede permitir a atacantes con privilegios de usuario normales escalar sus privilegios al administrador sobre una m\u00e1quina con Windows donde est\u00e1 instalado Workstation o View Agent."}], "id": "CVE-2019-5539", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-12-23T20:15:11.080", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2019-0023.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}]}