CVE-2020-3992 - VMware ESXi OpenSLP Use-After-Free Vulnerability
Project:VMware
Product:ESXi
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
VMware ESXi OpenSLP Use-After-Free Vulnerability
Description
VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-3992