Heap Overflow in USB Controller of VMware Products
CVE-2020-3966

7.5HIGH

Key Information:

Vendor: Vmware
Status: Vmware Esxi; Workstation; Fusion
Vendor: CVE Published:; 25 June 2020

What is CVE-2020-3966?

The vulnerability arises from a heap overflow stemming from a race condition in the USB 2.0 controller within VMware products. An attacker with local access to a virtual machine can exploit this flaw to execute code on the hypervisor, thereby compromising virtual machines. However, additional conditions external to the attacker's control must be satisfied for this exploitation to occur. Users are advised to apply necessary updates to safeguard their systems.

Affected Version(s)

Fusion 11.x before 11.5.2

VMware ESXi 7.0 before ESXi_7.0.0-1.20.16321839

VMware ESXi 6.7 before ESXi670-202004101-SG

References

https://www.vmware.com/security/advisories/VMSA-2020-0015...

x_refsource_CONFIRM

https://www.zerodayinitiative.com/advisories/ZDI-20-783/

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2020
Vulnerability Reserved
Dec 30, 2019

Vmware

What is CVE-2020-3966?

Affected Version(s)

References

CVSS V3.1

Timeline