CVE-2020-4004 vulnerability in VMware Products
Published on November 20, 2020

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

NVD

Products Associated with CVE-2020-4004

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-4004 are published in these products:

VMware Cloud Foundation

VMware Workstation

VMware ESXi

Exploit Probability

EPSS

0.29%

Percentile

52.02%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-4004 vulnerability in VMware ProductsPublished on November 20, 2020

Products Associated with CVE-2020-4004

Exploit Probability

CVE-2020-4004 vulnerability in VMware Products
Published on November 20, 2020