VMware

VMware vRealize Operations for Horizon Adapter Remote Code Execution Vulnerability (CVE-2020-3943) Threat Alert

March 13, 2020

Overview

Recently, VMware released a security advisory, announcing remediation of a remote code execution vulnerability (CVE-2020-3943) in vRealize Operations for Horizon Adapter. VMware has evaluated the severity of this vulnerability to be in the critical severity range with a maximum CVSSv3 base score of 9.0. (more…)

VMware ESXi Remote Code Execution Vulnerability (CVE-2019-5544) Threat Alert

VMware

December 20, 2019

Overview

On December 5, local time, VMware officially released a security advisory that revealed a remote code execution vulnerability (CVE-2019-5544) in VMware ESXi and Horizon DaaS. The vulnerability is due to a heap overwrite issue in OpenSLP used in ESXi and Horizon DaaS appliances. Malicious users with access to port 427 on the ESXi host or any Horizon DaaS platform through the network may overwrite the heap of the OpenSLP service, eventually causing remote code execution. (more…)