CVE-2020-3971
N/A
N/A
Summary
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| VMware | VMware ESXi | 6.7 before ESXi670-201904101-SG | affected |
| VMware | VMware ESXi | 6.5 before ESXi650-201907101-SG | affected |
| VMware | Workstation | 15.x before 15.0.2 | affected |
| VMware | Fusion | 11.x before 11.0.2 | affected |
Weaknesses
- Heap overflow vulnerability
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.