Vulnerability Details CVE-2020-3991
VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time. Successful exploitation of this issue may allow an attacker to overwrite certain admin privileged files through a symbolic link attack at install time. This will result into a denial-of-service condition on the machine where Horizon Client for Windows is installed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.0%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 3.6
References
Products affected by CVE-2020-3991
-
cpe:2.3:a:vmware:horizon_client:5.0.0
-
cpe:2.3:a:vmware:horizon_client:5.1.0
-
cpe:2.3:a:vmware:horizon_client:5.2.0
-
cpe:2.3:a:vmware:horizon_client:5.3.0
-
cpe:2.3:a:vmware:horizon_client:5.4.0
-
cpe:2.3:a:vmware:horizon_client:5.4.3
-
cpe:2.3:a:vmware:horizon_client:5.4.4
-
cpe:2.3:o:microsoft:windows:-