VMware Cloud Foundation
IMPORTANT: The ESXi patches released on October 20, 2020 did not address CVE-2020-3992 completely; see section (3a) Notes for an update.
Multiple vulnerabilities in VMware ESXi, Workstation, Fusion and NSX-T were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
Known Attack Vectors
A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.
To remediate CVE-2020-3992, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds for CVE-2020-3992 have been listed in the 'Workarounds' column of the 'Response Matrix' below.
VMware would like to thank Lucas Leong (@wmliang) of Trend Micro's Zero Day Initiative for reporting this issue to us.
The ESXi patches released on October 20, 2020 did not address CVE-2020-3992 completely. The ESXi patches listed in the Response Matrix below are updated versions that contain the complete fix for CVE-2020-3992.