VMware Releases Security Updates for ESXi and Horizon DaaS

VMware has released security updates to address a vulnerability in ESXi and Horizon Data-as-a-Service (DaaS). An attacker could exploit this vulnerability to take control of an affected system.

Threat ID:: CC-3306
Category:
Threat Severity:: Information only
Threat Vector:
Published:: 9 December 2019 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

VMware has released security updates to address a vulnerability in ESXi and Horizon Data-as-a-Service (DaaS). An attacker could exploit this vulnerability to take control of an affected system.

Affected platforms

The following platforms are known to be affected:

VMware Horizon

VMware Horizon DaaS - Versions 8.x and earlier
VMware ESXi - Versions 6.7 prior to ESXi670-201912001, 6.5 prior to ESXi650-201912001, and 6.0 prior to ESXi600-201912001

VMware vSphere ESXi

Threat details

For further information:

CVE-2019-5544 - CVSS v3 9.8

Remediation steps

Type	Step
	Users and administrators are encouraged to review VMware security advisory VMSA-2019-0022 and apply the necessary updates and workarounds.

CVE Vulnerabilities

Status

CVE-2019-5544

Last edited: 29 June 2021 11:57 am