New VMware vulnerabilities identified
Yesterday, VMware announced that they were rolling out several updates in order to remediate multiple vulnerabilities identified in their products. The vulnerabilities were privately reported and range in severity from moderate to critical. Further information, patches and workarounds are detailed here.
The CVEs and affected products are as follow:
CVE-2020-3981 (important)
- Affects VMware ESXi, Fusion and Workstation
These products feature an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. If a malicious actor gains admin access to a VM, this issue may be exploited to leak memory.
CVE-2020-3982 (moderate)
- Affects VMware ESXi, Fusion and Workstation
These products feature an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. If exploited, a malicious actor with admin access to a VM could crash the VMX process or corrupt the hypervisor’s memory heap.
CVE-2020-3992 (critical)
- Affects VMware ESXi
This vulnerability makes it possible for a malicious actor with access to port 427 on an ESXi machine to trigger a use-after-free issue in Open SLP.
CVE-2020-3993 (important)
- Affects VMware NSX-T
A vulnerability exists in the way NSX-T allows a KVM host to download and install packages from NSX manager. If exploited, this issue could compromise the transport node.
CVE-2020-3994 (important)
- Affects VMware vCenter Server
This is a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation.
CVE-2020-3995 (important)
- Affects VMware ESXi, Fusion and Workstation
This memory leak vulnerability could be exploited and, over time, could lead to memory resource exhaustion on the hypervisor.
What action do UKFast customers need to take?
UKFast is currently working through impacted solutions. Shared platforms including eCloud® public will be patched with immediate effect, and a strategy is in place for patching customer specific solutions.
Any customers with affected solutions will be contacted directly.
Support
The UKFast team is more than happy to help answer any questions you may have about these vulnerabilities. Please don’t hesitate to contact our support team on 0800 923 0605.