CVE-2020-4005 — Improper Privilege Management in Vmware Cloud Foundation

CWE-269 — Improper Privilege Management5 documents5 sources

Severity

7.8HIGHNVD

CNA8.2

EPSS

0.2%

top 56.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Cloud Foundation Vmware Esxi Vmware Esxi

Timeline

PublishedNov 20

Latest updateMay 24

Description

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004)

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDvmware/esxi6.5, 6.7, 7.0+2

▶CVEListV5vmware/vmware_esxi6.5 before ESXi650-202011301-SG, 6.7 before ESXi670-202011101-SG, 7.0 before ESXi70U1b-17168206+2

▶NVDvmware/cloud_foundation3.0 — 3.10.1.2+1

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-f537-rwg7-cjw7: VMware ESXi (7↗2022-05-24

▶

CVEList

CVE-2020-4005: VMware ESXi (7↗2020-11-20

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows - Win32k Elevation of Privilege↗2020-12-02

▶

📋Vendor Advisories

VMware

VMware ESXi, Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005)↗2020-11-19

▶