CVE-2020-4004
N/A
N/A
Summary
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | VMware ESXi | 7.0 before ESXi70U1b-17168206 | affected |
| n/a | VMware ESXi | 6.7 before ESXi670-202011101-SG | affected |
| n/a | VMware ESXi | 6.5 before ESXi650-202011301-SG | affected |
| n/a | Workstation | 15.x before 15.5.7 | affected |
| n/a | Fusion | 11.x before 11.5.7 | affected |
Weaknesses
- Use-after-free vulnerability
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.