CVE-2020-3992 | ESXi OpenSLP remote code execution vulnerability

Published: 2020-10-20
MITRE CVE-2020-3992

“A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.”

The workaround is to stop and disable the SLP service.

CVSS Base Score is 9.8

Basefarm and VMware recommends that you install the updates for this vulnerability as soon as possible. Basefarm also recommends that the management services of ESXi servers are not available for regular users, but are places on a protected network.

Basefarm is currently evaluating this vulnerability, how to best handle it and ensure operational stability for all our customers. We are tracking this internally as BF-VLN-2146240 with the highest priority.