← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-3992 — Actively Exploited: ESXi (VMware)

VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution.

CVE IDCVE-2020-3992
VendorVMware
ProductESXi
Vulnerability nameVMware ESXi OpenSLP Use-After-Free Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionVMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →