Back to KEVs

CVE-2020-3992

OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a...

Basic Information

CVE State
PUBLISHED
Reserved Date
December 30, 2019
Published Date
October 20, 2020
Last Updated
October 21, 2025
Vendor
VMware
Product
VMware ESXi
Description
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.
Tags
cisa malware ransomware

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

SSVC Information

Exploitation
active
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (2021-11-03 00:00:00 UTC) Source
Used in Malware
Yes (added 2021-11-03 00:00:00 UTC) Source

References

https://www.vmware.com/security/advisories/VMSA-2020-0023.html https://www.zerodayinitiative.com/advisories/ZDI-20-1377/ https://www.zerodayinitiative.com/advisories/ZDI-20-1385/

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC
CISA 2021-11-03 00:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel

  • Added to KEVIntel