CVE-2020-3963 : Security Advisory and Response

Learn about CVE-2020-3963 affecting VMware ESXi, Workstation, and Fusion products. Find out how a local attacker could exploit a use-after-free vulnerability to access privileged information.

VMware ESXi, Workstation, and Fusion products are affected by a use-after-free vulnerability that could allow a malicious actor to access privileged information in physical memory.

Understanding CVE-2020-3963

What is CVE-2020-3963?

CVE-2020-3963 is a use-after-free vulnerability affecting VMware ESXi, Workstation, and Fusion products.

The Impact of CVE-2020-3963

The vulnerability could be exploited by a local attacker to read sensitive data from physical memory.

Technical Details of CVE-2020-3963

Vulnerability Description

The use-after-free vulnerability in PVNVRAM of VMware ESXi, Workstation, and Fusion products allows unauthorized access to privileged information.

Affected Systems and Versions

        VMware ESXi 7.0 before ESXi_7.0.0-1.20.16321839
        VMware ESXi 6.7 before ESXi670-202006401-SG
        VMware ESXi 6.5 before ESXi650-202005401-SG
        VMware Workstation 15.x before 15.5.2
        VMware Fusion 11.x before 11.5.2

Exploitation Mechanism

A local attacker with access to a virtual machine can exploit the vulnerability to retrieve sensitive data from physical memory.

Mitigation and Prevention

Immediate Steps to Take

        Apply the necessary security patches provided by VMware.
        Monitor for any unauthorized access to virtual machines.

Long-Term Security Practices

        Regularly update and patch VMware products to mitigate security risks.

Patching and Updates

Ensure that VMware ESXi, Workstation, and Fusion products are updated to the latest secure versions.
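
The check below is an added example, not code from VMware or from this advisory: it compares an inventory of installed versions against the fixed releases listed under Affected Systems and Versions. The names `assess`, `as_tuple` and `INVENTORY` are hypothetical, the inventory entries are constructed, and ESXi 7.0 versions are assumed to be recorded as the esx-base version string in the same format as the advisory's identifier.

```python
import re

# Fixed releases exactly as listed in the advisory above.
FIXED_VERSION = {"workstation": ("15", "15.5.2"), "fusion": ("11", "11.5.2")}
ESXI70_FIXED = "7.0.0-1.20.16321839"  # from "ESXi_7.0.0-1.20.16321839"
ESXI_BUNDLE = {"6.7": "ESXi670-202006401-SG", "6.5": "ESXi650-202005401-SG"}

# Constructed sample inventory (product, version); not taken from the advisory.
INVENTORY = [
    ("Workstation", "15.5.1"),
    ("Fusion", "11.5.2"),
    ("ESXi", "7.0.0-1.0.15843807"),
    ("ESXi", "6.7.0-3.89.15160138"),
]


def as_tuple(version):
    """Turn '15.5.1' or '7.0.0-1.20.16321839' into a comparable tuple of ints."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def assess(product, version):
    """Return (status, detail) for one inventory record."""
    product = product.strip().lower()
    if product in FIXED_VERSION:
        branch, fixed = FIXED_VERSION[product]
        if version.split(".")[0] != branch:
            return ("not-listed", f"advisory covers {branch}.x only")
        if as_tuple(version) < as_tuple(fixed):
            return ("affected", f"upgrade to {fixed} or later")
        return ("fixed", f"at or above {fixed}")
    if product == "esxi":
        if version.startswith("7.0"):
            if as_tuple(version) < as_tuple(ESXI70_FIXED):
                return ("affected", f"update to ESXi_{ESXI70_FIXED} or later")
            return ("fixed", f"at or above ESXi_{ESXI70_FIXED}")
        for branch, bundle in ESXI_BUNDLE.items():
            if version.startswith(branch):
                # The page names a patch bundle here, not a version: confirm by hand.
                return ("check-bundle", f"confirm {bundle} is installed")
    return ("not-listed", "product or branch not in the advisory")


if __name__ == "__main__":
    for product, version in INVENTORY:
        print(product, version, *assess(product, version))
```

For ESXi 6.7 and 6.5 the script deliberately returns `check-bundle` instead of a verdict, because the advisory identifies the fix only by patch bundle name.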
