QID 376207

Date Published: 2021-12-29

QID 376207: VMware Horizon Windows Agent Apache Log4j Remote Code Execution (RCE) Vulnerabilities (VMSA-2021-0028) (Log4Shell)

VMware Horizon agents communicates with Horizon Client to provide features such as connection monitoring, virtual printing, Horizon Persona Management, and access to locally connected USB devices.

Affected Versions:
VMware Horizon Windows Agent 2111 Build 19050221
VMware Horizon Windows Agent 2006
VMware Horizon Windows Agent 7.13.1 Build 18035779 (release date 5/25/2021)
VMware Horizon Windows Agent 7.13.0 Build 16975066 (release date 10/15/2020)
VMware Horizon Windows Agent 7.10.3 Build 17056647 (release date 10/22/2020)

QID Detection Logic (authenticated):
This QID checks for vulnerable versions of Horizon agent exe file.

A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Currently, there is no resolution. Please check VMSA-2021-0028 for updates. Workaround:

    Refer to KB87073 for more information.

    CVEs related to QID 376207

    Software Advisories
    Advisory ID Software Component Link