CVSS: 8.4EPSS: 0%CPEs: 23EXPL: 0CVE-2020-3960
https://notcve.org/view.php?id=CVE-2020-3960
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory. VMware ESXi (versiones 6.7 anteriores a ESXi670-202006401-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.5) y Fusion (versiones 11.x anteriores a 11.5.5) contienen una vulnerabilidad de lectura fuera de límites en la funcionalidad NVMe. Un actor malicioso con acceso local no administrativo a una máquina virtual con un controlador NVMe virtual presente puede ser capaz de leer información privilegiada contenida en la memoria física • https://www.vmware.com/security/advisories/VMSA-2020-0012.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 94EXPL: 0CVE-2020-3971
https://notcve.org/view.php?id=CVE-2020-3971
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory. VMware ESXi (versiones 6.7 anteriores a ESXi670-201904101-SG y versiones 6.5 anteriores a ESXi650-201907101-SG), Workstation (versiones 15.x anteriores a 15.0.2) y Fusion (versiones 11.x anteriores a 11.0.2), contiene una vulnerabilidad de desbordamiento de la pila en el adaptador de red virtual vmxnet3. Un actor malicioso con acceso local a una máquina virtual con un adaptador de red vmxnet3 presente puede ser capaz de leer información privilegiada contenida en la memoria física • https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 1CVE-2020-3965
https://notcve.org/view.php?id=CVE-2020-3965
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202006401-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.2) y Fusion (versiones 11.x anteriores a 11.5. 2), contiene una filtración de información en el controlador USB XHCI. Un actor malicioso con acceso local a una máquina virtual puede ser capaz de leer información privilegiada contenida en la memoria del hipervisor desde una máquina virtual • http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html http://seclists.org/fulldisclosure/2020/Jul/22 https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-125: Out-of-bounds Read •
CVSS: 4.7EPSS: 0%CPEs: 190EXPL: 1CVE-2020-3964
https://notcve.org/view.php?id=CVE-2020-3964
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor's memory. Additional conditions beyond the attacker's control need to be present for exploitation to be possible. VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202006401-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.2) y Fusion (versiones 11.x anteriores a 11.5. 2), contiene una filtración de información en el controlador USB EHCI. Un actor malicioso con acceso local a una máquina virtual puede ser capaz de leer información privilegiada contenida en la memoria del hipervisor. • http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html http://seclists.org/fulldisclosure/2020/Jul/22 https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 190EXPL: 2CVE-2020-3963
https://notcve.org/view.php?id=CVE-2020-3963
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory. VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202006401-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.2) y Fusion (versiones 11.x anteriores a 11.5. 2), contiene una vulnerabilidad de uso de la memoria previamente liberada en PVNVRAM. Un actor malicioso con acceso local a una máquina virtual puede ser capaz de leer información privilegiada contenida en la memoria física • http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html http://seclists.org/fulldisclosure/2020/Jul/22 https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-416: Use After Free •