20/11/2020
4/8/2024
CVE-2020-4004: Use After Free First published: Fri Nov 20 2020(Updated: 7 months ago )
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
Credit: security@vmware.com
Affected Software Affected Version How to fix VMware Fusion Pro >=11.0<11.5.7 Apple iOS and macOS VMware Cloud Foundation >=3.0<3.10.1.2 VMware Workstation >=15.0.0<15.5.7 VMware Cloud Foundation >=4.0<4.1.0.1 VMware ESXi =6.5 VMware ESXi =6.5-650-201701001 VMware ESXi =6.5-650-201703001 VMware ESXi =6.5-650-201703002 VMware ESXi =6.5-650-201704001 VMware ESXi =6.5-650-201707101 VMware ESXi =6.5-650-201707102 VMware ESXi =6.5-650-201707103 VMware ESXi =6.5-650-201707201 VMware ESXi =6.5-650-201707202 VMware ESXi =6.5-650-201707203 VMware ESXi =6.5-650-201707204 VMware ESXi =6.5-650-201707205 VMware ESXi =6.5-650-201707206 VMware ESXi =6.5-650-201707207 VMware ESXi =6.5-650-201707208 VMware ESXi =6.5-650-201707209 VMware ESXi =6.5-650-201707210 VMware ESXi =6.5-650-201707211 VMware ESXi =6.5-650-201707212 VMware ESXi =6.5-650-201707213 VMware ESXi =6.5-650-201707214 VMware ESXi =6.5-650-201707215 VMware ESXi =6.5-650-201707216 VMware ESXi =6.5-650-201707217 VMware ESXi =6.5-650-201707218 VMware ESXi =6.5-650-201707219 VMware ESXi =6.5-650-201707220 VMware ESXi =6.5-650-201707221 VMware ESXi =6.5-650-201710001 VMware ESXi =6.5-650-201712001 VMware ESXi =6.5-650-201803001 VMware ESXi =6.5-650-201806001 VMware ESXi =6.5-650-201808001 VMware ESXi =6.5-650-201810001 VMware ESXi =6.5-650-201810002 VMware ESXi =6.5-650-201811001 VMware ESXi =6.5-650-201811002 VMware ESXi =6.5-650-201811301 VMware ESXi =6.5-650-201901001 VMware ESXi =6.5-650-201903001 VMware ESXi =6.5-650-201905001 VMware ESXi =6.5-650-201908001 VMware ESXi =6.5-650-201910001 VMware ESXi =6.5-650-20191004001 VMware ESXi =6.5-650-201911001 VMware ESXi =6.5-650-201911401 VMware ESXi =6.5-650-201911402 VMware ESXi =6.5-650-201912001 VMware ESXi =6.5-650-201912002 VMware ESXi =6.5-650-201912101 VMware ESXi =6.5-650-201912102 VMware ESXi =6.5-650-201912103 VMware ESXi =6.5-650-201912104 VMware ESXi =6.5-650-201912301 VMware ESXi =6.5-650-201912401 VMware ESXi =6.5-650-201912402 VMware ESXi =6.5-650-201912403 VMware ESXi =6.5-650-201912404 VMware ESXi =6.5-650-202005001 VMware ESXi =6.5-650-202006001 VMware ESXi =6.5-650-202007001 VMware ESXi =6.5-650-202010001 VMware ESXi =6.5-650-202011001 VMware ESXi =6.5-650-202011002 VMware ESXi =6.7 VMware ESXi =6.7-670-201806001 VMware ESXi =6.7-670-201807001 VMware ESXi =6.7-670-201808001 VMware ESXi =6.7-670-201810001 VMware ESXi =6.7-670-201810101 VMware ESXi =6.7-670-201810102 VMware ESXi =6.7-670-201810103 VMware ESXi =6.7-670-201810201 VMware ESXi =6.7-670-201810202 VMware ESXi =6.7-670-201810203 VMware ESXi =6.7-670-201810204 VMware ESXi =6.7-670-201810205 VMware ESXi =6.7-670-201810206 VMware ESXi =6.7-670-201810207 VMware ESXi =6.7-670-201810208 VMware ESXi =6.7-670-201810209 VMware ESXi =6.7-670-201810210 VMware ESXi =6.7-670-201810211 VMware ESXi =6.7-670-201810212 VMware ESXi =6.7-670-201810213 VMware ESXi =6.7-670-201810214 VMware ESXi =6.7-670-201810215 VMware ESXi =6.7-670-201810216 VMware ESXi =6.7-670-201810217 VMware ESXi =6.7-670-201810218 VMware ESXi =6.7-670-201810219 VMware ESXi =6.7-670-201810220 VMware ESXi =6.7-670-201810221 VMware ESXi =6.7-670-201810222 VMware ESXi =6.7-670-201810223 VMware ESXi =6.7-670-201810224 VMware ESXi =6.7-670-201810225 VMware ESXi =6.7-670-201810226 VMware ESXi =6.7-670-201810227 VMware ESXi =6.7-670-201810228 VMware ESXi =6.7-670-201810229 VMware ESXi =6.7-670-201810230 VMware ESXi =6.7-670-201810231 VMware ESXi =6.7-670-201810232 VMware ESXi =6.7-670-201810233 VMware ESXi =6.7-670-201810234 VMware ESXi =6.7-670-201811001 VMware ESXi =6.7-670-201901001 VMware ESXi =6.7-670-201901401 VMware ESXi =6.7-670-201901402 VMware ESXi =6.7-670-201901403 VMware ESXi =6.7-670-201903001 VMware ESXi =6.7-670-201904001 VMware ESXi =6.7-670-201904201 VMware ESXi =6.7-670-201904201-ug VMware ESXi =6.7-670-201904202 VMware ESXi =6.7-670-201904202-ug VMware ESXi =6.7-670-201904203 VMware ESXi =6.7-670-201904203-ug VMware ESXi =6.7-670-201904204 VMware ESXi =6.7-670-201904204-ug VMware ESXi =6.7-670-201904205 VMware ESXi =6.7-670-201904205-ug VMware ESXi =6.7-670-201904206 VMware ESXi =6.7-670-201904206-ug VMware ESXi =6.7-670-201904207 VMware ESXi =6.7-670-201904207-ug VMware ESXi =6.7-670-201904208 VMware ESXi =6.7-670-201904208-ug VMware ESXi =6.7-670-201904209 VMware ESXi =6.7-670-201904209-ug VMware ESXi =6.7-670-201904210 VMware ESXi =6.7-670-201904210-ug VMware ESXi =6.7-670-201904211 VMware ESXi =6.7-670-201904211-ug VMware ESXi =6.7-670-201904212 VMware ESXi =6.7-670-201904212-ug VMware ESXi =6.7-670-201904213 VMware ESXi =6.7-670-201904213-ug VMware ESXi =6.7-670-201904214 VMware ESXi =6.7-670-201904214-ug VMware ESXi =6.7-670-201904215 VMware ESXi =6.7-670-201904215-ug VMware ESXi =6.7-670-201904216 VMware ESXi =6.7-670-201904216-ug VMware ESXi =6.7-670-201904217 VMware ESXi =6.7-670-201904217-ug VMware ESXi =6.7-670-201904218 VMware ESXi =6.7-670-201904218-ug VMware ESXi =6.7-670-201904219 VMware ESXi =6.7-670-201904219-ug VMware ESXi =6.7-670-201904220 VMware ESXi =6.7-670-201904220-ug VMware ESXi =6.7-670-201904221 VMware ESXi =6.7-670-201904221-ug VMware ESXi =6.7-670-201904222 VMware ESXi =6.7-670-201904222-ug VMware ESXi =6.7-670-201904223 VMware ESXi =6.7-670-201904223-ug VMware ESXi =6.7-670-201904224 VMware ESXi =6.7-670-201904224-ug VMware ESXi =6.7-670-201904225 VMware ESXi =6.7-670-201904225-ug VMware ESXi =6.7-670-201904226 VMware ESXi =6.7-670-201905001 VMware ESXi =6.7-670-201906002 VMware ESXi =6.7-670-201911001 VMware ESXi =6.7-670-201912001 VMware ESXi =6.7-670-202004001 VMware ESXi =6.7-670-202004002 VMware ESXi =6.7-670-202006001 VMware ESXi =6.7-670-202008001 VMware ESXi =6.7-670-202010001 VMware ESXi =7.0 VMware ESXi =7.0-beta VMware ESXi =7.0-update_1 VMware ESXi =7.0-update_1a VMware ESXi =7.0-update_1b
Never miss a vulnerability like this again Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions What is the severity of CVE-2020-4004? CVE-2020-4004 has been classified as a critical vulnerability by VMware.
How do I fix CVE-2020-4004? To fix CVE-2020-4004, users should update their VMware software to the latest patched version as recommended by VMware.
Which VMware products are affected by CVE-2020-4004? CVE-2020-4004 affects VMware ESXi versions 7.0, 6.7, and 6.5, as well as VMware Workstation and Fusion versions before specific updates.
What type of vulnerability is CVE-2020-4004? CVE-2020-4004 is identified as a use-after-free vulnerability within the XHCI USB controller.
Can CVE-2020-4004 be exploited remotely? CVE-2020-4004 requires local administrative privileges for exploitation, limiting its remote attack potential.
agent/type collector/mitre-cve source/MITRE agent/last-modified-date agent/severity agent/author agent/weakness agent/references agent/remedy agent/description agent/first-publish-date agent/event agent/source agent/tags agent/softwarecombine collector/nvd-index agent/software-canonical-lookup agent/software-canonical-lookup-request vendor/vmware canonical/vmware fusion pro version/vmware fusion pro/11.0 vendor/apple canonical/apple ios and macos canonical/vmware cloud foundation version/vmware cloud foundation/3.0 canonical/vmware workstation version/vmware workstation/15.0.0 version/vmware cloud foundation/4.0 canonical/vmware esxi version/vmware esxi/6.5 version/vmware esxi/6.5-650-201701001 version/vmware esxi/6.5-650-201703001 version/vmware esxi/6.5-650-201703002 version/vmware esxi/6.5-650-201704001 version/vmware esxi/6.5-650-201707101 version/vmware esxi/6.5-650-201707102 version/vmware esxi/6.5-650-201707103 version/vmware esxi/6.5-650-201707201 version/vmware esxi/6.5-650-201707202 version/vmware esxi/6.5-650-201707203 version/vmware esxi/6.5-650-201707204 version/vmware esxi/6.5-650-201707205 version/vmware esxi/6.5-650-201707206 version/vmware esxi/6.5-650-201707207 version/vmware esxi/6.5-650-201707208 version/vmware esxi/6.5-650-201707209 version/vmware esxi/6.5-650-201707210 version/vmware esxi/6.5-650-201707211 version/vmware esxi/6.5-650-201707212 version/vmware esxi/6.5-650-201707213 version/vmware esxi/6.5-650-201707214 version/vmware esxi/6.5-650-201707215 version/vmware esxi/6.5-650-201707216 version/vmware esxi/6.5-650-201707217 version/vmware esxi/6.5-650-201707218 version/vmware esxi/6.5-650-201707219 version/vmware esxi/6.5-650-201707220 version/vmware esxi/6.5-650-201707221 version/vmware esxi/6.5-650-201710001 version/vmware esxi/6.5-650-201712001 version/vmware esxi/6.5-650-201803001 version/vmware esxi/6.5-650-201806001 version/vmware esxi/6.5-650-201808001 version/vmware esxi/6.5-650-201810001 version/vmware esxi/6.5-650-201810002 version/vmware esxi/6.5-650-201811001 version/vmware esxi/6.5-650-201811002 version/vmware esxi/6.5-650-201811301 version/vmware esxi/6.5-650-201901001 version/vmware esxi/6.5-650-201903001 version/vmware esxi/6.5-650-201905001 version/vmware esxi/6.5-650-201908001 version/vmware esxi/6.5-650-201910001 version/vmware esxi/6.5-650-20191004001 version/vmware esxi/6.5-650-201911001 version/vmware esxi/6.5-650-201911401 version/vmware esxi/6.5-650-201911402 version/vmware esxi/6.5-650-201912001 version/vmware esxi/6.5-650-201912002 version/vmware esxi/6.5-650-201912101 version/vmware esxi/6.5-650-201912102 version/vmware esxi/6.5-650-201912103 version/vmware esxi/6.5-650-201912104 version/vmware esxi/6.5-650-201912301 version/vmware esxi/6.5-650-201912401 version/vmware esxi/6.5-650-201912402 version/vmware esxi/6.5-650-201912403 version/vmware esxi/6.5-650-201912404 version/vmware esxi/6.5-650-202005001 version/vmware esxi/6.5-650-202006001 version/vmware esxi/6.5-650-202007001 version/vmware esxi/6.5-650-202010001 version/vmware esxi/6.5-650-202011001 version/vmware esxi/6.5-650-202011002 version/vmware esxi/6.7 version/vmware esxi/6.7-670-201806001 version/vmware esxi/6.7-670-201807001 version/vmware esxi/6.7-670-201808001 version/vmware esxi/6.7-670-201810001 version/vmware esxi/6.7-670-201810101 version/vmware esxi/6.7-670-201810102 version/vmware esxi/6.7-670-201810103 version/vmware esxi/6.7-670-201810201 version/vmware esxi/6.7-670-201810202 version/vmware esxi/6.7-670-201810203 version/vmware esxi/6.7-670-201810204 version/vmware esxi/6.7-670-201810205 version/vmware esxi/6.7-670-201810206 version/vmware esxi/6.7-670-201810207 version/vmware esxi/6.7-670-201810208 version/vmware esxi/6.7-670-201810209 version/vmware esxi/6.7-670-201810210 version/vmware esxi/6.7-670-201810211 version/vmware esxi/6.7-670-201810212 version/vmware esxi/6.7-670-201810213 version/vmware esxi/6.7-670-201810214 version/vmware esxi/6.7-670-201810215 version/vmware esxi/6.7-670-201810216 version/vmware esxi/6.7-670-201810217 version/vmware esxi/6.7-670-201810218 version/vmware esxi/6.7-670-201810219 version/vmware esxi/6.7-670-201810220 version/vmware esxi/6.7-670-201810221 version/vmware esxi/6.7-670-201810222 version/vmware esxi/6.7-670-201810223 version/vmware esxi/6.7-670-201810224 version/vmware esxi/6.7-670-201810225 version/vmware esxi/6.7-670-201810226 version/vmware esxi/6.7-670-201810227 version/vmware esxi/6.7-670-201810228 version/vmware esxi/6.7-670-201810229 version/vmware esxi/6.7-670-201810230 version/vmware esxi/6.7-670-201810231 version/vmware esxi/6.7-670-201810232 version/vmware esxi/6.7-670-201810233 version/vmware esxi/6.7-670-201810234 version/vmware esxi/6.7-670-201811001 version/vmware esxi/6.7-670-201901001 version/vmware esxi/6.7-670-201901401 version/vmware esxi/6.7-670-201901402 version/vmware esxi/6.7-670-201901403 version/vmware esxi/6.7-670-201903001 version/vmware esxi/6.7-670-201904001 version/vmware esxi/6.7-670-201904201 version/vmware esxi/6.7-670-201904201-ug version/vmware esxi/6.7-670-201904202 version/vmware esxi/6.7-670-201904202-ug version/vmware esxi/6.7-670-201904203 version/vmware esxi/6.7-670-201904203-ug version/vmware esxi/6.7-670-201904204 version/vmware esxi/6.7-670-201904204-ug version/vmware esxi/6.7-670-201904205 version/vmware esxi/6.7-670-201904205-ug version/vmware esxi/6.7-670-201904206 version/vmware esxi/6.7-670-201904206-ug version/vmware esxi/6.7-670-201904207 version/vmware esxi/6.7-670-201904207-ug version/vmware esxi/6.7-670-201904208 version/vmware esxi/6.7-670-201904208-ug version/vmware esxi/6.7-670-201904209 version/vmware esxi/6.7-670-201904209-ug version/vmware esxi/6.7-670-201904210 version/vmware esxi/6.7-670-201904210-ug version/vmware esxi/6.7-670-201904211 version/vmware esxi/6.7-670-201904211-ug version/vmware esxi/6.7-670-201904212 version/vmware esxi/6.7-670-201904212-ug version/vmware esxi/6.7-670-201904213 version/vmware esxi/6.7-670-201904213-ug version/vmware esxi/6.7-670-201904214 version/vmware esxi/6.7-670-201904214-ug version/vmware esxi/6.7-670-201904215 version/vmware esxi/6.7-670-201904215-ug version/vmware esxi/6.7-670-201904216 version/vmware esxi/6.7-670-201904216-ug version/vmware esxi/6.7-670-201904217 version/vmware esxi/6.7-670-201904217-ug version/vmware esxi/6.7-670-201904218 version/vmware esxi/6.7-670-201904218-ug version/vmware esxi/6.7-670-201904219 version/vmware esxi/6.7-670-201904219-ug version/vmware esxi/6.7-670-201904220 version/vmware esxi/6.7-670-201904220-ug version/vmware esxi/6.7-670-201904221 version/vmware esxi/6.7-670-201904221-ug version/vmware esxi/6.7-670-201904222 version/vmware esxi/6.7-670-201904222-ug version/vmware esxi/6.7-670-201904223 version/vmware esxi/6.7-670-201904223-ug version/vmware esxi/6.7-670-201904224 version/vmware esxi/6.7-670-201904224-ug version/vmware esxi/6.7-670-201904225 version/vmware esxi/6.7-670-201904225-ug version/vmware esxi/6.7-670-201904226 version/vmware esxi/6.7-670-201905001 version/vmware esxi/6.7-670-201906002 version/vmware esxi/6.7-670-201911001 version/vmware esxi/6.7-670-201912001 version/vmware esxi/6.7-670-202004001 version/vmware esxi/6.7-670-202004002 version/vmware esxi/6.7-670-202006001 version/vmware esxi/6.7-670-202008001 version/vmware esxi/6.7-670-202010001 version/vmware esxi/7.0 version/vmware esxi/7.0-beta version/vmware esxi/7.0-update_1 version/vmware esxi/7.0-update_1a version/vmware esxi/7.0-update_1b Contact SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd. ABN: 70 645 966 203, ACN: 645 966 203