Vulnerability Description

On October 21, 2020, NSFOCUS detected that VMware released a security advisory that fixes a VMware ESXi remote code execution vulnerability (CVE-2020-3992). This vulnerability exists because OpenSLP as used in VMware ESXi has a use-after-free issue. An attacker residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. The vulnerability is assigned a CVSS base score of 9.8. Users should take preventive measures as soon as possible.

Reference link:

Overview

Recently, VMware released a security advisory, announcing remediation of a remote code execution vulnerability (CVE-2020-3943) in vRealize Operations for Horizon Adapter. VMware has evaluated the severity of this vulnerability to be in the critical severity range with a maximum CVSSv3 base score of 9.0. (mais…)

Overview

On December 5, local time, VMware officially released a security advisory that revealed a remote code execution vulnerability (CVE-2019-5544) in VMware ESXi and Horizon DaaS. The vulnerability is due to a heap overwrite issue in OpenSLP used in ESXi and Horizon DaaS appliances. Malicious users with access to port 427 on the ESXi host or any Horizon DaaS platform through the network may overwrite the heap of the OpenSLP service, eventually causing remote code execution. (mais…)