Search...

CVE-2020-3966

2020-06-25T15:15:00

ID CVE-2020-3966
Type cve
Reporter cve@mitre.org
Modified 2020-07-01T17:57:00

Description

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.

JSON Vulners Source

Initial Source

{"id": "CVE-2020-3966", "bulletinFamily": "NVD", "title": "CVE-2020-3966", "description": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.", "published": "2020-06-25T15:15:00", "modified": "2020-07-01T17:57:00", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-3966", "reporter": "cve@mitre.org", "references": ["https://www.vmware.com/security/advisories/VMSA-2020-0015.html", "https://www.zerodayinitiative.com/advisories/ZDI-20-783/"], "cvelist": ["CVE-2020-3966"], "type": "cve", "lastseen": "2020-12-09T22:03:15", "edition": 8, "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "zdi", "idList": ["ZDI-20-783"]}, {"type": "nessus", "idList": ["VMWARE_VMSA-2020-0015.NASL"]}], "modified": "2020-12-09T22:03:15", "rev": 2}, "score": {"value": 3.8, "vector": "NONE", "modified": "2020-12-09T22:03:15", "rev": 2}, "vulnersScore": 3.8}, "cpe": ["cpe:/o:vmware:esxi:6.5", "cpe:/o:vmware:esxi:7.0.0", "cpe:/o:vmware:esxi:6.7"], "affectedSoftware": [{"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.5"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "6.7"}, {"cpeName": "vmware:cloud_foundation", "name": "vmware cloud foundation", "operator": "lt", "version": "3.10"}, {"cpeName": "vmware:workstation", "name": "vmware workstation", "operator": "lt", "version": "15.5.2"}, {"cpeName": "vmware:esxi", "name": "vmware esxi", "operator": "eq", "version": "7.0.0"}, {"cpeName": "vmware:cloud_foundation", "name": "vmware cloud foundation", "operator": "lt", "version": "4.0.1"}, {"cpeName": "vmware:fusion", "name": "vmware fusion", "operator": "lt", "version": "11.5.2"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 6.0}, "cpe23": ["cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*", "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*"], "cwe": ["CWE-362"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:vmware:workstation:15.5.2:*:*:*:*:*:*:*", "versionEndExcluding": "15.5.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:fusion:11.5.2:*:*:*:*:*:*:*", "versionEndExcluding": "11.5.2", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*", "versionEndExcluding": "3.10", "versionStartIncluding": "3.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*", "versionEndExcluding": "4.0.1", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}}

{"zdi": [{"lastseen": "2020-06-30T19:24:56", "bulletinFamily": "info", "cvelist": ["CVE-2020-3966"], "description": "This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the EHCI component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor.", "edition": 1, "modified": "2020-06-30T00:00:00", "published": "2020-06-30T00:00:00", "id": "ZDI-20-783", "href": "https://www.zerodayinitiative.com/advisories/ZDI-20-783/", "title": "VMware Workstation EHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability", "type": "zdi", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2020-07-07T05:00:44", "description": "a. Use-after-free vulnerability in SVGA device (CVE-2020-3962)\n\nVMware ESXi, Workstation and Fusion contain a Use-after-free\nvulnerability in the SVGA device. A malicious actor with local access\nto a virtual machine with 3D graphics enabled may be able to exploit\nthis vulnerability to execute code on the hypervisor from a virtual\nmachine.\n\nb. Off-by-one heap-overflow vulnerability in SVGA device (CVE-2020-3969)\n\nVMware ESXi, Workstation and Fusion contain an off-by-one\nheap-overflow vulnerability in the SVGA device. A malicious actor with\nlocal access to a virtual machine with 3D graphics enabled may be able\nto exploit this vulnerability to execute code on the hypervisor from a\nvirtual machine. Additional conditions beyond the attackers control\nmust be present for exploitation to be possible.\n\nc. Out-of-bound read issue in Shader Functionality (CVE-2020-3970)\n\nVMware ESXi, Workstation and Fusion contain an out-of-bounds read\nvulnerability in the Shader functionality. A malicious actor with\nnon-administrative local access to a virtual machine with 3D graphics\nenabled may be able to exploit this vulnerability to crash the virtual\nmachines vmx process leading to a partial denial of service condition.\n\nd. Heap-overflow issue in EHCI controller (CVE-2020-3967)\n\nVMware ESXi, Workstation and Fusion contain a heap-overflow\nvulnerability in the USB 2.0 controller (EHCI). A malicious actor with\nlocal access to a virtual machine may be able to exploit this\nvulnerability to execute code on the hypervisor from a virtual\nmachine. Additional conditions beyond the attackers control must be\npresent for exploitation to be possible.\n\ne. Out-of-bounds write vulnerability in xHCI controller (CVE-2020-3968)\n\nVMware ESXi, Workstation and Fusion contain an out-of-bounds write\nvulnerability in the USB 3.0 controller (xHCI). A malicious actor with\nlocal administrative privileges on a virtual machine may be able to\nexploit this issue to crash the virtual machines vmx process leading\nto a denial of service condition or execute code on the hypervisor\nfrom a virtual machine. Additional conditions beyond the attackers\ncontrol must be present for exploitation to be possible.\n\nf. Heap-overflow due to race condition in EHCI controller (CVE-2020-3966)\n\nVMware ESXi, Workstation and Fusion contain a heap-overflow due to a\nrace condition issue in the USB 2.0 controller (EHCI). A malicious\nactor with local access to a virtual machine may be able to exploit\nthis vulnerability to execute code on the hypervisor from a virtual\nmachine. Additional conditions beyond the attackers control must be\npresent for exploitation to be possible.\n\ng. Information leak in the XHCI USB controller (CVE-2020-3965)\n\nVMware ESXi, Workstation and Fusion contain an information leak in the\nXHCI USB controller. A malicious actor with local access to a virtual\nmachine may be able to read privileged information contained in\nhypervisor memory from a virtual machine.\n\nh. Information Leak in the EHCI USB controller (CVE-2020-3964)\nDescription\n\nVMware ESXi, Workstation and Fusion contain an information leak in the\nEHCI USB controller. A malicious actor with local access to a virtual\nmachine may be able to read privileged information contained in the\nhypervisors memory. Additional conditions beyond the attackers control\nneed to be present for exploitation to be possible.\n\ni. Use-after-free vulnerability in PVNVRAM (CVE-2020-3963)\n\nVMware ESXi, Workstation and Fusion contain a Use-after-free\nvulnerability in PVNVRAM. A malicious actor with local access to a\nvirtual machine may be able to read privileged information contained\nin physical memory.\n\nj. Heap overflow vulnerability in vmxnet3 (CVE-2020-3971)\n\nVMware ESXi, Fusion and Workstation contain a heap overflow\nvulnerability in the vmxnet3 virtual network adapter. A malicious\nactor with local access to a virtual machine with a vmxnet3 network\nadapter present may be able to read privileged information contained\nin physical memory.", "edition": 6, "cvss3": {"score": 8.2, "vector": "AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-06-25T00:00:00", "title": "VMSA-2020-0015 : VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-3963", "CVE-2020-3965", "CVE-2020-3969", "CVE-2020-3964", "CVE-2020-3968", "CVE-2020-3971", "CVE-2020-3967", "CVE-2020-3962", "CVE-2020-3970", "CVE-2020-3966"], "modified": "2020-06-25T00:00:00", "cpe": ["cpe:/o:vmware:esxi:6.5", "cpe:/o:vmware:esxi:6.7"], "id": "VMWARE_VMSA-2020-0015.NASL", "href": "https://www.tenable.com/plugins/nessus/137826", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2020-0015. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137826);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/06\");\n\n script_cve_id(\"CVE-2020-3962\", \"CVE-2020-3963\", \"CVE-2020-3964\", \"CVE-2020-3965\", \"CVE-2020-3966\", \"CVE-2020-3967\", \"CVE-2020-3968\", \"CVE-2020-3969\", \"CVE-2020-3970\", \"CVE-2020-3971\");\n script_xref(name:\"VMSA\", value:\"2020-0015\");\n script_xref(name:\"IAVA\", value:\"2020-A-0265\");\n\n script_name(english:\"VMSA-2020-0015 : VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote VMware ESXi host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"a. Use-after-free vulnerability in SVGA device (CVE-2020-3962)\n\nVMware ESXi, Workstation and Fusion contain a Use-after-free\nvulnerability in the SVGA device. A malicious actor with local access\nto a virtual machine with 3D graphics enabled may be able to exploit\nthis vulnerability to execute code on the hypervisor from a virtual\nmachine.\n\nb. Off-by-one heap-overflow vulnerability in SVGA device (CVE-2020-3969)\n\nVMware ESXi, Workstation and Fusion contain an off-by-one\nheap-overflow vulnerability in the SVGA device. A malicious actor with\nlocal access to a virtual machine with 3D graphics enabled may be able\nto exploit this vulnerability to execute code on the hypervisor from a\nvirtual machine. Additional conditions beyond the attackers control\nmust be present for exploitation to be possible.\n\nc. Out-of-bound read issue in Shader Functionality (CVE-2020-3970)\n\nVMware ESXi, Workstation and Fusion contain an out-of-bounds read\nvulnerability in the Shader functionality. A malicious actor with\nnon-administrative local access to a virtual machine with 3D graphics\nenabled may be able to exploit this vulnerability to crash the virtual\nmachines vmx process leading to a partial denial of service condition.\n\nd. Heap-overflow issue in EHCI controller (CVE-2020-3967)\n\nVMware ESXi, Workstation and Fusion contain a heap-overflow\nvulnerability in the USB 2.0 controller (EHCI). A malicious actor with\nlocal access to a virtual machine may be able to exploit this\nvulnerability to execute code on the hypervisor from a virtual\nmachine. Additional conditions beyond the attackers control must be\npresent for exploitation to be possible.\n\ne. Out-of-bounds write vulnerability in xHCI controller (CVE-2020-3968)\n\nVMware ESXi, Workstation and Fusion contain an out-of-bounds write\nvulnerability in the USB 3.0 controller (xHCI). A malicious actor with\nlocal administrative privileges on a virtual machine may be able to\nexploit this issue to crash the virtual machines vmx process leading\nto a denial of service condition or execute code on the hypervisor\nfrom a virtual machine. Additional conditions beyond the attackers\ncontrol must be present for exploitation to be possible.\n\nf. Heap-overflow due to race condition in EHCI controller (CVE-2020-3966)\n\nVMware ESXi, Workstation and Fusion contain a heap-overflow due to a\nrace condition issue in the USB 2.0 controller (EHCI). A malicious\nactor with local access to a virtual machine may be able to exploit\nthis vulnerability to execute code on the hypervisor from a virtual\nmachine. Additional conditions beyond the attackers control must be\npresent for exploitation to be possible.\n\ng. Information leak in the XHCI USB controller (CVE-2020-3965)\n\nVMware ESXi, Workstation and Fusion contain an information leak in the\nXHCI USB controller. A malicious actor with local access to a virtual\nmachine may be able to read privileged information contained in\nhypervisor memory from a virtual machine.\n\nh. Information Leak in the EHCI USB controller (CVE-2020-3964)\nDescription\n\nVMware ESXi, Workstation and Fusion contain an information leak in the\nEHCI USB controller. A malicious actor with local access to a virtual\nmachine may be able to read privileged information contained in the\nhypervisors memory. Additional conditions beyond the attackers control\nneed to be present for exploitation to be possible.\n\ni. Use-after-free vulnerability in PVNVRAM (CVE-2020-3963)\n\nVMware ESXi, Workstation and Fusion contain a Use-after-free\nvulnerability in PVNVRAM. A malicious actor with local access to a\nvirtual machine may be able to read privileged information contained\nin physical memory.\n\nj. Heap overflow vulnerability in vmxnet3 (CVE-2020-3971)\n\nVMware ESXi, Fusion and Workstation contain a heap overflow\nvulnerability in the vmxnet3 virtual network adapter. A malicious\nactor with local access to a virtual machine with a vmxnet3 network\nadapter present may be able to read privileged information contained\nin physical memory.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2020/000500.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3968\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:6.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:6.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2020-06-23\");\nflag = 0;\n\n\nif (esx_check(ver:\"ESXi 6.5\", vib:\"VMware:esx-base:6.5.0-3.126.16207673\")) flag++;\nif (esx_check(ver:\"ESXi 6.5\", vib:\"VMware:esx-tboot:6.5.0-3.126.16207673\")) flag++;\nif (esx_check(ver:\"ESXi 6.5\", vib:\"VMware:vsan:6.5.0-3.126.15965595\")) flag++;\nif (esx_check(ver:\"ESXi 6.5\", vib:\"VMware:vsanhealth:6.5.0-3.126.15965596\")) flag++;\n\nif (esx_check(ver:\"ESXi 6.7\", vib:\"VMware:esx-base:6.7.0-3.108.16316930\")) flag++;\nif (esx_check(ver:\"ESXi 6.7\", vib:\"VMware:esx-update:6.7.0-3.108.16316930\")) flag++;\nif (esx_check(ver:\"ESXi 6.7\", vib:\"VMware:vsan:6.7.0-3.108.16243518\")) flag++;\nif (esx_check(ver:\"ESXi 6.7\", vib:\"VMware:vsanhealth:6.7.0-3.108.16243519\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:esx_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}]}