CVE-2019-5539

Summary

VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.

Affected Software

VendorProductVersion RangeStatus
VMwareVMware Workstation15.x prior to 15.5.1affected
VMwareHorizon View Agent7.10.x prior to 7.10.1affected
VMwareHorizon View Agent7.5.x prior 7.5.4affected

Weaknesses

  • DLL hijacking vulnerability via Cortado Thinprint

ADP Enrichment

CVE Program Container

Additional References

References