VMware Workstation SetGuestInfo Null Pointer Dereference Denial-of-Service Vulnerability [CVE-2020-3999]

December 25, 2020 Duncan 3132 Views 0 Comments CVE-2020-3999, Null Pointer Dereference Denial-of-Service Vulnerability, VMware, VMware Cloud Foundation, VMware ESXi, VMware Fusion, VMware Workstation 0 min read

CVE Number – CVE-2020-3999

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability.

The specific flaw exists within the implementation of the SetGuestInfo RPC function. The issue results from dereferencing a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition on the hypervisor.

Impacted Products

VMware ESXi
VMware Workstation
VMware Fusion
VMware Cloud Foundation

VMware has issued an update to correct this vulnerability. More details can be found at:
https://www.vmware.com/security/advisories/VMSA-2020-0029.html

Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

VMware Workstation SetGuestInfo Null Pointer Dereference Denial-of-Service Vulnerability [CVE-2020-3999]

Impacted Products

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply

Impacted Products

Share this:

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply