Vulnerability Description
ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Horizon | < 5.2.0 |
| Vmware | Remote Console | >= 10.0.0, < 10.0.5 |
| Vmware | Workstation | >= 15.0.0, < 15.5.0 |
| Vmware | Fusion | >= 11.0.0, < 11.5.0 |
| Apple | Mac Os X | - |
| Vmware | Esxi | 6.0 |
Related Weaknesses (CWE)
References
- https://www.vmware.com/security/advisories/VMSA-2019-0014.htmlVendor Advisory
- https://www.vmware.com/security/advisories/VMSA-2019-0014.htmlVendor Advisory
FAQ
What is CVE-2019-5527?
CVE-2019-5527 is a vulnerability with a CVSS score of 8.8 (HIGH). ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity r...
How severe is CVE-2019-5527?
CVE-2019-5527 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-5527?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Horizon, Vmware Remote Console, Vmware Workstation, Vmware Fusion, Apple Mac Os X.