VMware ESXi/Workstation/Fusion USB 2.0 Controller race condition


A vulnerability classified as critical was found in VMware ESXi, Workstation and Fusion (Virtualization Software) (the affected version is unknown). This vulnerability affects an unknown function of the component USB 2.0 Controller. Upgrading eliminates this vulnerability.

| Field | 06/26/2020 12:46 PM | 06/26/2020 12:51 PM | 10/27/2020 09:58 AM |
|---|---|---|---|
| vendor | VMware | VMware | VMware |
| name | ESXi/Workstation/Fusion | ESXi/Workstation/Fusion | ESXi/Workstation/Fusion |
| component | USB 2.0 Controller | USB 2.0 Controller | USB 2.0 Controller |
| risk | 2 | 2 | 2 |
| cvss2_vuldb_basescore | 4.1 | 4.1 | 4.1 |
| cvss2_vuldb_tempscore | 3.6 | 3.6 | 3.6 |
| cvss2_vuldb_av | L | L | L |
| cvss2_vuldb_ac | M | M | M |
| cvss2_vuldb_au | S | S | S |
| cvss2_vuldb_ci | P | P | P |
| cvss2_vuldb_ii | P | P | P |
| cvss2_vuldb_ai | P | P | P |
| cvss3_meta_basescore | 6.4 | 6.4 | 6.4 |
| cvss3_meta_tempscore | 6.1 | 6.1 | 6.1 |
| cvss3_vuldb_basescore | 5.3 | 5.3 | 5.3 |
| cvss3_vuldb_tempscore | 5.1 | 5.1 | 5.1 |
| cvss3_vuldb_av | L | L | L |
| cvss3_vuldb_ac | L | L | L |
| cvss3_vuldb_pr | L | L | L |
| cvss3_vuldb_ui | N | N | N |
| cvss3_vuldb_s | U | U | U |
| cvss3_vuldb_c | L | L | L |
| cvss3_vuldb_i | L | L | L |
| cvss3_vuldb_a | L | L | L |
| date | 1593043200 (06/25/2020) | 1593043200 (06/25/2020) | 1593043200 (06/25/2020) |
| url | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | https://www.vmware.com/security/advisories/VMSA-2020-0015.html |
| price_0day | $5k-$25k | $5k-$25k | $5k-$25k |
| name | Upgrade | Upgrade | Upgrade |
| cve | CVE-2020-3966 | CVE-2020-3966 | CVE-2020-3966 |
| seealso | 157244 157245 157273 157274 157275 157277 157278 157279 157280 | 157244 157245 157273 157274 157275 157277 157278 157279 157280 | 157244 157245 157273 157274 157275 157277 157278 157279 157280 |
| location | Website | Website | Website |
| cvss2_vuldb_e | ND | ND | ND |
| cvss2_vuldb_rl | OF | OF | OF |
| cvss2_vuldb_rc | ND | ND | ND |
| cvss3_vuldb_e | X | X | X |
| cvss3_vuldb_rl | O | O | O |
| cvss3_vuldb_rc | X | X | X |
| cvss3_nvd_basescore | 7.5 | 7.5 | 7.5 |
| type | | Virtualization Software | Virtualization Software |
| cwe | 0 | 362 (race condition) | 362 (race condition) |
| cvss2_nvd_av | | L | L |
| cvss2_nvd_ac | | H | H |
| cvss2_nvd_au | | N | N |
| cvss2_nvd_ci | | P | P |
| cvss2_nvd_ii | | P | P |
| cvss2_nvd_ai | | P | P |
| cvss3_nvd_av | | L | L |
| cvss3_nvd_ac | | H | H |
| cvss3_nvd_pr | | H | H |
| cvss3_nvd_ui | | N | N |
| cvss3_nvd_s | | C | C |
| cvss3_nvd_c | | H | H |
| cvss3_nvd_i | | H | H |
| cvss3_nvd_a | | H | H |
| cve_assigned | | 1577664000 | 1577664000 |
| cve_nvd_summary | | VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible. | VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible. |
| confirm_url | | | https://www.vmware.com/security/advisories/VMSA-2020-0015.html |
