VMware ¶à¸ö²úÆ·¸ßΣÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2020-03-16

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2020-3947£¬ £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.3£¬ £¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-3948£¬ £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.8£¬ £¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-5543£¬ £¬£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬ £¬£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.3£¬ £¬£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


CVE-2020-3947£º

VMware Workstation 15.x°æ±¾

VMware Fusion 11.x°æ±¾


CVE-2020-3948£º

VMware Workstation 15.x°æ±¾

VMware Fusion 11.x°æ±¾


CVE-2019-5543£º

Horizon Client for Windows 5.x¼°Ö®Ç°°æ±¾

VMRC for Windows 10.x°æ±¾

VMware Workstation for Windows 15.x °æ±¾


Îó²î¸ÅÊö


VMware WorkstationºÍVMware Fusion¶¼ÊÇÃÀ¹úÍþ¨VMware£©¹«Ë¾µÄ²úÆ·¡£¡£¡£¡£¡£¡£¡£VMware WorkstationÊÇÒ»Ì×ÐéÄâ»úÈí¼þ¡£¡£¡£¡£¡£¡£¡£¸ÃÈí¼þÌṩ¿ÉÒÔͬʱÔËÐжà¸ö²î±ðµÄ²Ù×÷ϵͳµÄÐéÄâ»ú¹¦Ð§¡£¡£¡£¡£¡£¡£¡£VMware FusionÊÇÒ»Ì×רÓÃÓÚÔÚÆ»¹û»ú£¨Mac£©ÉÏÔËÐÐWindowsÓ¦ÓóÌÐòµÄµÄÐéÄâ»úÈí¼þ¡£¡£¡£¡£¡£¡£¡£


¿ËÈÕ£¬ £¬£¬£¬£¬£¬£¬VMwareÐû²¼¹Ù·½Ç徲ͨ¸æ, VMware ²¿·Ö²úÆ·±£´æÒÔÏÂÎó²î:


CVE-2020-3947Îó²î£¬ £¬£¬£¬£¬£¬£¬VMware Workstation 15.x°æ±¾ºÍVMware Fusion 11.x°æ±¾µÄvmnetdhcpЧÀͱ£´æUAFÎó²î£¬ £¬£¬£¬£¬£¬£¬¶ñÒâ¹¥»÷ÕßÔÚÄõ½ÐéÄâ»úȨÏÞºó£¬ £¬£¬£¬£¬£¬£¬ÀÖ³ÉʹÓôËÎó²î¿ÉÄܵ¼Ö´ÓÐéÄâ»úԽȨÔÚËÞÖ÷»úÉÏÖ´ÐдúÂ룬 £¬£¬£¬£¬£¬£¬´Ó¶øʵÏÖÐéÄâ»úÌÓÒÝ£¬ £¬£¬£¬£¬£¬£¬½¨Ò龡¿ì²âÊÔÎó²îÐÞ¸´µÄ°æ±¾²¢Ö´ÐÐÉý¼¶¡£¡£¡£¡£¡£¡£¡£


CVE-2020-3948Îó²î£¬ £¬£¬£¬£¬£¬£¬ÔÚÔËÐÐLinuxϵͳµÄÐéÄâ»ú¿ªÆôÐéÄâ´òÓ¡×é¼þµÄÉèÖÃϱ£´æÍâµØȨÏÞÌáÉýÎó²î£¬ £¬£¬£¬£¬£¬£¬¶ñÒâ¹¥»÷ÕßÀÖ³ÉʹÓôËÎó²î¿ÉÄܵ¼ÖÂÔÚ¸ÃÐéÄâ»úÖдÓͨË×Óû§ÌáȨµ½rootȨÏÞ£¨ÐéÄâ´òӡĬÈÏδÆôÓã©£¬ £¬£¬£¬£¬£¬£¬½¨Ò龡¿ì²âÊÔÎó²îÐÞ¸´µÄ°æ±¾²¢Ö´ÐÐÉý¼¶£¬ £¬£¬£¬£¬£¬£¬Í¬Ê±ÔÚÉý¼¶°æ±¾ºóÐèÒªÖØÐÂ×°ÖÃÐéÄâ»úÖеÄÐéÄâ´òÓ¡»ú¡£¡£¡£¡£¡£¡£¡£


CVE-2019-5543Îó²î£¬ £¬£¬£¬£¬£¬£¬Æ¾Ö¤ÆÊÎö£¬ £¬£¬£¬£¬£¬£¬ÔÚHorizon Client for Windows 5.x¼°Ö®Ç°°æ±¾ºÍVMRC for Windows 10.x°æ±¾µÄ¡°VMware USB arbitration service¡±Ð§ÀÍÉèÖÃÎļþ¼Ð±£´æí§ÒâÓû§Ð´ÈëÎó²î£¬ £¬£¬£¬£¬£¬£¬¶ñÒâ¹¥»÷ÕßÀÖ³ÉʹÓôËÎó²î¿ÉÄÜÔÚWindowsϵͳÉÏÒÔí§ÒâÓû§µÄÉí·ÝÖ´ÐÐÏÂÁ £¬£¬£¬£¬£¬£¬´Ó¶ø»ñµÃȨÏÞÌáÉý£¬ £¬£¬£¬£¬£¬£¬½¨Ò龡¿ì²âÊÔÎó²îÐÞ¸´µÄ°æ±¾²¢Ö´ÐÐÉý¼¶¡£¡£¡£¡£¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPoC/EXP¡£¡£¡£¡£¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ¹Ù·½ÒÑÐû²¼×îа汾ÐÞ¸´¸ÃÎó²î£¬ £¬£¬£¬£¬£¬£¬ÊµÊ±¸üÐÂÊÜÓ°ÏìµÄVmware²úÆ·µ½ÈçÏ°汾£º


VMware Workstation Pro 15.5.2 ÏÂÔصص㣺

https://www.vmware.com/go/downloadworkstation


VMware Workstation Player 15.5.2ÏÂÔصص㣺

https://www.vmware.com/go/downloadplayer


VMware Fusion 11.5.2ÏÂÔصص㣺

https://www.vmware.com/go/downloadfusion


VMware Horizon Client for Windows 5.3.0ÏÂÔصص㣺

https://my.vmware.com/web/vmware/details?downloadGroup=CART20FQ4_WIN_530&productId=863


VMware Remote Console for Windows 11.0.0ÏÂÔصص㣺

https://my.vmware.com/web/vmware/details?downloadGroup=VMRC1100&productId=742


²Î¿¼Á´½Ó


https://www.vmware.com/security/advisories/VMSA-2020-0004.html