CVE-2020-3992: VMWARE ESXI Remote Code Execution Vulnerability Alert

On October 20, VMware issued a security notice to fix a VMware ESXi remote code execution vulnerability (CVE-2020-3992). The vulnerability comes from the “use-after-free” reuse problem of OpenSLP used in ESXi. The vulnerability comes from the “use-after-free” reuse problem of OpenSLP used in ESXi. The user-after-free of the OpenSLP service can be triggered by accessing port 427 of the ESXi host. The CVSS score is 9.8.

Affected version

  • ESXi = 6.5
  • ESXi = 6.7
  • ESXi = 7.0
  • VMware Cloud Foundation (ESXi) = 3.X
  • VMware Cloud Foundation (ESXi) = 4.X

Unaffected version

  • ESXi650-202010401-SG
  • ESXi670-202010401-SG
  • ESXi_7.0.1-0.0.16850804
  • VMware Cloud Foundation (ESXi) = 3.10.1.1
  • VMware Cloud Foundation (ESXi) = 4.1

Solution

At present, Vmware has fixed the vulnerability in the latest version, please upgrade the version as soon as possible to protect the affected users, the download link and document of the corresponding product version are as follows:
Product version Download Document
VMware ESXi 6.5 ESXi650-202010401-SG https://my.vmware.com/group/vmware/patch https://docs.vmware.com/en/VMware-vSphere/6.5/rn/esxi650-202010001.html
VMware ESXi 6.7 ESXi670-202010401-SG https://my.vmware.com/group/vmware/patch https://docs.vmware.com/en/VMware-vSphere/6.7/rn/esxi670-202010001.html
VMware ESXi 7.0 ESXi_7.0.1-0.0.16850804 https://my.vmware.com/group/vmware/patch https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-701-release-notes.html
VMware vCloud Foundation 3.10.1.1 https://docs.vmware.com/en/VMware-Cloud-Foundation/3.10.1/rn/VMware-Cloud-Foundation-3101-Release-Notes.html#3.10.1.1 https://docs.vmware.com/en/VMware-Cloud-Foundation/3.10.1/rn/VMware-Cloud-Foundation-3101-Release-Notes.html#3.10.1.1
VMware vCloud Foundation 4.1 https://docs.vmware.com/en/VMware-Cloud-Foundation/4.1/rn/VMware-Cloud-Foundation-41-Release-Notes.html https://docs.vmware.com/en/VMware-Cloud-Foundation/4.1/rn/VMware-Cloud-Foundation-41-Release-Notes.html