CVE-2020-3960
VMware ESXi Use-After-Free / Out-Of-Bounds Access
Public Exploits: 0
Exploited in Wild: -
Descriptions
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory.
Several security issues have been identified in the VMware ESXi virtual machine monitor (VMM): a use-after-free (UAF) vulnerability in PVNVRAM, a missing return value check in the EHCI USB controller leading to private heap information disclosure, and several out-of-bounds reads.
SSVC
- Decision: -
Timeline
- 2019-12-30 CVE Reserved
- 2020-07-17 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
References (1)
URL | Date | SRC |
---|---|---|
https://www.vmware.com/security/advisories/VMSA-2020-0012.html | 2021-09-28 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Vmware | Fusion | >= 11.0.0 < 11.5.5 | - | Affected |
Vmware | Workstation | >= 15.0.0 < 15.5.5 | - | Affected |
Vmware | Vsphere Esxi | 6.5 | - | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201701001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201703001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201703002 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201704001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201710001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201712001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201803001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201806001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201808001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201810001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201810002 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201811001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201901001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201903001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201905001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201908001 | Affected |
Vmware | Vsphere Esxi | 6.5 | 650-201910001 | Affected |
Vmware | Vsphere Esxi | 6.7 | - | Affected |
Vmware | Vsphere Esxi | 6.7 | 670-201911001 | Affected |
Vmware | Vsphere Esxi | 6.7 | 670-202004001 | Affected |