QID 730317

Date Published: 2021-12-28

QID 730317: VMware Horizon Windows and Linux Agent Apache Log4j Remote Code Execution (RCE) Vulnerabilities (Unauthenticated Check) (Log4Shell)

VMware Horizon agents communicates with Horizon Client to provide features such as connection monitoring, virtual printing, Horizon Persona Management, and access to locally connected USB devices.

Affected Versions:
VMware Horizon Windows Agent 2111 Build 19050221
VMware Horizon Windows Agent 2006
VMware Horizon Windows Agent 7.13.1 Build 18035779 (release date 5/25/2021)
VMware Horizon Windows Agent 7.13.0 Build 16975066 (release date 10/15/2020)
VMware Horizon Windows Agent 7.10.3 Build 17056647 (release date 10/22/2020)

QID Detection Logic (unauthenticated):
This QID checks for vulnerable versions of Vmware Horizon by sending the payload to remote server.

A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Currently, there is no resolution. Please check VMSA-2021-0028 for updates. Workaround:

    Refer to KB87073 for more information.

    CVEs related to QID 730317

    Software Advisories
    Advisory ID Software Component Link