CVE-2020-3992
Severity CVSS v4.0:
Pending analysis
Type:
CWE-416
Use After Free
Publication date:
20/10/2020
Last modified:
02/04/2025
Description
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* | 3.0 (including) | 3.10.1.2 (excluding) |
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* | 4.0 (including) | 4.1.0.1 (excluding) |
cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:* | ||
cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://www.vmware.com/security/advisories/VMSA-2020-0023.html
- https://www.zerodayinitiative.com/advisories/ZDI-20-1377/
- https://www.zerodayinitiative.com/advisories/ZDI-20-1385/
- https://www.vmware.com/security/advisories/VMSA-2020-0023.html
- https://www.zerodayinitiative.com/advisories/ZDI-20-1377/
- https://www.zerodayinitiative.com/advisories/ZDI-20-1385/