CVE-2021-21987

Summary

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Workstation Pro / Player (Workstation), VMware Horizon Client for WindowsVMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2)affected

Weaknesses

  • Out-of-bounds read vulnerability in Cortado ThinPrint

ADP Enrichment

CVE Program Container

Additional References

References