Page 11 of 65 results (0.014 seconds)

CVSS: 7.8EPSS: 0%CPEs: 181EXPL: 0

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004) VMware ESXi (versiones 7.0 anteriores a ESXi70U1b-17168206, versiones 6.7 anteriores a ESXi670-202011101-SG, versiones 6.5 anteriores a ESXi650-202011301-SG), contiene una vulnerabilidad de escalada de privilegios que se presenta en la manera en que son administradas determinadas llamadas del sistema. Un actor malicioso con privilegios dentro del proceso VMX únicamente, puede escalar sus privilegios en el sistema afectado. • https://www.vmware.com/security/advisories/VMSA-2020-0026.html •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0

VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node. VMware NSX-T (versiones 3.x anteriores 3.0.2, versiones 2.5.x anteriores a 2.5.2.2.0), contiene una vulnerabilidad de seguridad que se presenta en la manera en que permite que un host KVM descargue e instale paquetes desde el administrador de NSX. Un actor malicioso con posicionamiento MITM puede ser capaz de explotar este problema para comprometer el nodo de transporte • https://www.vmware.com/security/advisories/VMSA-2020-0023.html •

CVSS: 10.0EPSS: 44%CPEs: 224EXPL: 0

OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. OpenSLP como es usado en VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.1-0.0.16850804, versiones 6.7 anteriores a ESXi670-202010401-SG, versiones 6.5 anteriores a ESXi650-202010401-SG), presenta un problema de uso de la memoria previamente liberada. Un actor malicioso que reside en la red de administración y que tiene acceso al puerto 427 en una máquina ESXi puede desencadenar un uso de la memoria previamente liberada en el servicio OpenSLP resultando en una ejecución de código remota This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of SLP messages. • https://www.vmware.com/security/advisories/VMSA-2020-0023.html https://www.zerodayinitiative.com/advisories/ZDI-20-1377 https://www.zerodayinitiative.com/advisories/ZDI-20-1385 • CWE-416: Use After Free •

CVSS: 6.0EPSS: 0%CPEs: 225EXPL: 0

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process. VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.1-0.0.16850804, versiones 6.7 anteriores a ESXi670-202008101-SG, versiones 6.5 anteriores a ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x antes de 11.5.6), contienen una vulnerabilidad de lectura fuera de límites debido a un problema time-of-check time-of-use en el dispositivo ACPI. Un actor malicioso con acceso administrativo a una máquina virtual puede ser capaz de explotar este problema para filtrar la memoria del proceso vmx This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the implementation of the BDOOR_CMD_PATCH_ACPI_TABLES command. • https://www.vmware.com/security/advisories/VMSA-2020-0023.html • CWE-125: Out-of-bounds Read CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 8.2EPSS: 0%CPEs: 226EXPL: 0

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine's vmx process or corrupt hypervisor's memory heap. VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.1-0.0.16850804, versiones 6.7 anteriores a ESXi670-202008101-SG, versiones 6.5 anteriores a ESXi650-202007101-SG), Workstation (versiones 15.x), Fusion (versiones 11.x anteriores a de 11.5.6), contienen una vulnerabilidad de escritura fuera de límites debido a un problema time-of-check time-of-use en el dispositivo ACPI. Un actor malicioso con acceso administrativo a una máquina virtual puede ser capaz de explotar esta vulnerabilidad para bloquear el proceso vmx de la máquina virtual o corromper la pila de la memoria del hipervisor This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the implementation of the BDOOR_CMD_PATCH_ACPI_TABLES command. • https://www.vmware.com/security/advisories/VMSA-2020-0023.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •