Published: 25/06/2020 Updated: 01/07/2020

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 3.8 | Impact Score: 1.4 | Exploitability Score: 2

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x prior to 15.5.5), and Fusion (11.x prior to 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine's vmx process leading to a partial denial of service condition.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vmware cloud foundation
vmware fusion
vmware workstation
vmware esxi 6.5
vmware esxi 6.7
vmware esxi 7.0.0

CWE-125 https://www.vmware.com/security/advisories/VMSA-2020-0015.html https://www.zerodayinitiative.com/advisories/ZDI-20-782/https://nvd.nist.gov https://www.vmware.com/security/advisories/VMSA-2020-0015.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-3970

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect