Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon Client
CVE-2021-21987
6.5MEDIUM
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 24 May 2021
What is CVE-2021-21987?
VMware Workstation and Horizon Client for Windows have a vulnerability in the Cortado ThinPrint component that allows for out-of-bounds reads. This flaw can potentially be exploited by malicious actors who have access to a virtual machine or remote desktop, leading to unauthorized information disclosure from the TPView process. It is crucial for users to apply the recommended updates to safeguard their systems from potential exploitation.
Affected Version(s)
VMware Workstation Pro / Player (Workstation), VMware Horizon Client for Windows VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2)