Rewterz Threat Advisory – CVE-2020-3999 – VMware Multiple Products DoS Vulnerability

December 18, 2020

Severity

Low

Analysis Summary

VMware ESXi, Workstation and Fusion contain a denial of service vulnerability due to improper input validation in GuestInfo.A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine’s vmx process leading to a denial of service condition.

Impact

Denial of service

Affected Vendors

VMware

Affected Products

VMware ESXi
VMware Workstation
VMware Fusion
VMware Cloud Foundation

Remediation

Refer to VMware advisory for the complete list of affected products and their respective patches.

https://www.vmware.com/security/advisories/VMSA-2020-0029.html

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – APT Targeting/ Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

Rewterz Threat Advisory – CVE-2020-27254 – ICS: Emerson Rosemount X-STREAM

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.