CVE-2017-4946
published 2018-01-05CVE-2017-4946: The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a…
PriorityP276high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
0.50%
38.9th percentile
The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a low privileged windows user escalating their privileges to SYSTEM.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | fusion_pro | — | — |
| vmware | vmware_fusion | — | — |
| vmware | vmware_horizon | — | — |
| vmware | vmware_tools | — | — |
| vmware | vmware_workstation | — | — |
| vmware | vrealize_operations_for_horizon | — | — |
| vmware | vrealize_operations_for_horizon | >= 6.0 < 6.5.1 | 6.5.1 |
| vmware | vrealize_operations_for_published_applications | — | — |
| vmware | vrealize_operations_for_published_applications | >= 6.1.0 < 6.5.1 | 6.5.1 |
| vmware | workstation_player | — | — |
| vmware | workstation_pro | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Privilege escalation vulnerability in V4H and V4PA desktop agents (6.x before 6.5.1) allows a low-privileged Windows user to escalate to SYSTEM ↗
- →CVE-2017-4946 affects V4H and V4PA agents version 6.x running on Windows; monitor for unexpected SYSTEM-level process spawning from low-privileged user sessions on hosts running these agents ↗
- ·Workaround KB52195 is available for both V4H and V4PA 6.x on Windows as an alternative to patching to 6.5.1 ↗
- ·The V4H agent (6.5.1) is also bundled with Horizon 7.4, meaning Horizon 7.4 deployments may also carry the patched agent ↗
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vulncheck7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VMware
vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities
vendor_vmware·2018-01-04·CVSS 7.8
CVE-2017-4945 [HIGH] vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities
VMSA-2018-0003: vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities
a. V4H and V4PA desktop agent privilege escalation vulnerability The V4H and V4PA desktop agents contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a low privileged windows user escalating their privileges to SYSTEM. VMware would like to thank Martin Lemay of GoSecure Inc. for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4946 to this issue. Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available
GHSA
GHSA-g7vg-w39c-g2rp: The VMware V4H and V4PA desktop agents (6
ghsa_unreviewed·2022-05-13
CVE-2017-4946 [HIGH] CWE-863 GHSA-g7vg-w39c-g2rp: The VMware V4H and V4PA desktop agents (6
The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a low privileged windows user escalating their privileges to SYSTEM.
VulnCheck
VMware vrealize_operations_for_horizon Incorrect Authorization
vulncheck·2017·CVSS 7.8
CVE-2017-4946 [HIGH] VMware vrealize_operations_for_horizon Incorrect Authorization
VMware vrealize_operations_for_horizon Incorrect Authorization
The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a low privileged windows user escalating their privileges to SYSTEM.
Affected: VMware vrealize_operations_for_horizon
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.cisa.gov/sites/default/files/2024-07/aa24-207a-dprk-cyber-group-conducts-global-espionage-campaign.pdf
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://gosecure.net/2018/01/10/vmware-horizon-v4h-v4pa-desktop-agent-privilege-escalation-vulnerability-cve-2017-4946/http://www.securityfocus.com/bid/102441http://www.securitytracker.com/id/1040136https://www.vmware.com/us/security/advisories/VMSA-2018-0003.htmlhttp://gosecure.net/2018/01/10/vmware-horizon-v4h-v4pa-desktop-agent-privilege-escalation-vulnerability-cve-2017-4946/http://www.securityfocus.com/bid/102441http://www.securitytracker.com/id/1040136https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html
2018-01-05
Published
Exploited in the wild