Vulnerability Research
ESXi OpenSLP RCE Vulnerability
Mon, 11/02/2020
ESXi OpenSLP Remote Code Execution (RCE) Vulnerability
On October 20th, VMWare disclosed the presence of an RCE vulnerability with the OpenSLP within ESXi. Exposure of the vulnerability is through TCP port 427 and yields a CVSSv3 score of 9.8. The vulnerability is referenced by CVE-2020-3992 and was provided a patch by VMWare on the same day as disclosure. Products affected are ESXi, Workstation...