Vulnerability Name:

CVE-2020-3971 (CCN-183925)

Assigned: 2019-12-30
Published: 2020-06-23
Updated: 2020-07-01
Summary: VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.
CVSS v3 Severity: 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): None
9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
8.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-787
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2020-3971

Source: XF
Type: UNKNOWN
vmware-cve20203971-bo(183925)

Source: CCN
Type: VMware Security Advisory VMSA-2020-0015
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities

Source: CONFIRM
Type: Vendor Advisory
https://www.vmware.com/security/advisories/VMSA-2020-0015.html

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:vmware:cloud_foundation:*:*:*:*:*:*:*:* (Version >= 3.0 and < 3.7.2)
  • OR cpe:/a:vmware:fusion:*:*:*:*:*:*:*:* (Version >= 11.0.0 and < 11.0.2)
  • OR cpe:/a:vmware:workstation:*:*:*:*:*:*:*:* (Version >= 15.0.0 and < 15.0.2)
  • OR cpe:/o:vmware:esxi:6.5:-:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:-:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/o:vmware:esxi:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:vmware:esxi:6.7:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:fusion:11.0:*:*:*:*:*:*:*
