4.6
CVSSv2

CVE-2020-4004

Published: 20/11/2020 Updated: 03/12/2020
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.2 | Impact Score: 6 | Exploitability Score: 1.5
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x prior to 15.5.7), Fusion (11.x prior to 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vmware fusion

vmware cloud foundation

vmware workstation

vmware esxi 6.5

vmware esxi 6.7

vmware esxi 7.0

Recent Articles

VMware Fixes Critical Flaw in ESXi Hypervisor
Threatpost • Lindsey O'Donnell • 20 Nov 2020

VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a few weeks after it was found during China’s Tianfu Cup hacking competition.
The use-after-free vulnerability (CVE-2020-4004) has a CVSS score of 9.3 out of 10, making it critical. It exists in the eXtensible Host Controller Interface (xHCI) USB controller of ESXi. XHCI is an interface specification that defines a register-level description of a host controller for USB.
According to VMware in a Thursday ...

VMWare releases fix for critical ESXi, Workstation vulnerability
BleepingComputer • Sergiu Gatlan • 20 Nov 2020

VMware has released security updates to fix critical and high severity vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation, allowing for code execution and privilege escalation.
The two vulnerabilities were
 by Qihoo 360 Vulcan Team's Xiao Wei and Tianwen Tang during the first day of the 2020 Tianfu Cup Pwn Contest.
One of the security bugs, with a critical severity rating and tracked as CVE-2020-4004, allows attackers with local administrative priv...

The Register

VMware has revealed and repaired the flaws in its hypervisor discovered at China’s Tianfu Cup white hat hacking competition.
CVE-2020-4004, rated critical due to its 9.3 on the CVSS scale, is described as a “Use-after-free vulnerability in XHCI USB controller”. It allows a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host. The VMX process runs in the VMkernel and is responsible for handli...