CVE-2019-5543: 
VMware Workstation Player vulnerability analysis and mitigation

CVE-2019-5543 is a privilege escalation vulnerability discovered in VMware products, specifically affecting VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), and VMware Workstation for Windows (15.x before 15.5.2). The vulnerability was disclosed in February 2020 and stems from a configuration issue where the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users (VMware Advisory).

The vulnerability has been assigned a CVSSv3 base score of 7.3, categorizing it in the Important severity range. The technical root cause involves improper file permissions in the VMware USB arbitration service configuration folder, which allows unauthorized write access to all users. This vulnerability requires local access to the affected system and user interaction for successful exploitation (VMware Advisory, NVD).

The primary impact of this vulnerability is the potential for privilege escalation, where a local user on the system where the affected software is installed can execute commands with elevated privileges. This means an attacker could potentially run commands as any user on the system, significantly compromising system security (SecurityWeek).

VMware has released patches to address this vulnerability. Users should update to the following versions: VMware Horizon Client for Windows to version 5.3.0, VMware Remote Console for Windows to version 11.0.0, and VMware Workstation for Windows to version 15.5.2. No workarounds are available for this vulnerability, making it critical for users to apply the available patches (VMware Advisory).