CVE-2020-4004

Published: 20/11/2020 Updated: 03/12/2020
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.2 | Impact Score: 6 | Exploitability Score: 1.5
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x prior to 15.5.7), Fusion (11.x prior to 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

Vulnerable Product

vmware fusion

vmware cloud foundation

vmware workstation

vmware esxi 6.5

vmware esxi 6.7

vmware esxi 7.0

Recent Articles

VMware reveals critical hypervisor bugs found at Chinese white hat hacking comp. One lets guests run code on hosts
The Register • Simon Sharwood, APAC Editor • 20 Nov 2020

ESXi, Cloud Foundation, and desktop hypervisor users should get patching

VMware has revealed and repaired the flaws in its hypervisor discovered at China’s Tianfu Cup white hat hacking competition. CVE-2020-4004, rated critical due to its 9.3 on the CVSS scale, is described as a “Use-after-free vulnerability in XHCI USB controller”. It allows a malicious actor with local administrative privileges on a virtual machine to execute code as the virtual machine's VMX process running on the host. The VMX process runs in the VMkernel and is responsible for handling I/O...