{"vulnerability": "CVE-2020-4004", "sightings": [{"uuid": "2450521e-bea5-4634-b559-006c26123a3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "https://t.me/CyberSecurityIL/323", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9\u05dd \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea VMware\n\n\u05d7\u05d1\u05e8\u05ea VMware \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05de\u05e1\u05e4\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9\u05d4.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e2\u05dc\u05d5\u05dc\u05d5\u05ea \u05dc\u05d0\u05e4\u05e9\u05e8 \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05e2\u05dc \u05d4\u05e9\u05e8\u05ea \u05d4\u05de\u05d0\u05e8\u05d7 (CVE-2020-4004) \u05d5\u05d4\u05e2\u05dc\u05d0\u05ea \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea (CVE-2020-4005).\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05d3\u05d5\u05e8\u05d2\u05d5\u05ea \u05d1\u05d3\u05d9\u05e8\u05d5\u05d2 CVSS \u05d2\u05d1\u05d5\u05d4 (9.3 \u05d5-8.8 \u05d1\u05d4\u05ea\u05d0\u05de\u05d4).", "creation_timestamp": "2020-11-23T13:47:23.000000Z"}, {"uuid": "c06b81a7-3b89-4ee4-b2a2-4fc9ee2d0696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4004", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/548", "content": "\u05de\u05e2\u05e8\u05da \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05dc\u05d0\u05d5\u05de\u05d9:\n\n\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9\u05dd \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea VMware\n\n\u05d7\u05d1\u05e8\u05ea VMware \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05de\u05e1\u05e4\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9\u05d4.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e2\u05dc\u05d5\u05dc\u05d5\u05ea \u05dc\u05d0\u05e4\u05e9\u05e8 \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05e2\u05dc \u05d4\u05e9\u05e8\u05ea \u05d4\u05de\u05d0\u05e8\u05d7 (CVE-2020-4004) \u05d5\u05d4\u05e2\u05dc\u05d0\u05ea \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea (CVE-2020-4005).\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05d3\u05d5\u05e8\u05d2\u05d5\u05ea \u05d1\u05d3\u05d9\u05e8\u05d5\u05d2 CVSS \u05d2\u05d1\u05d5\u05d4 (9.3 \u05d5-8.8 \u05d1\u05d4\u05ea\u05d0\u05de\u05d4).", "creation_timestamp": "2020-11-23T13:47:23.000000Z"}, {"uuid": "63471115-f4fe-47e2-80cb-42399285b55a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "https://t.me/cibsecurity/17424", "content": "\u203c CVE-2020-4004 \u203c\n\nVMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T07:25:30.000000Z"}, {"uuid": "dd3bf81b-5daa-4908-adc1-f580713e35a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/vmware-julkaisi-korjaavan-paivityksen-kriittiseen-haavoittuvuuteen", "content": "", "creation_timestamp": "2026-03-17T14:50:57.338679Z"}, {"uuid": "f827a1b6-e25f-4308-a726-409bd2d09561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "https://t.me/cibsecurity/16678", "content": "\u203c CVE-2020-4004 \u203c\n\nVMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-20T22:42:59.000000Z"}, {"uuid": "2da2cf73-c632-44fc-98fe-92e9d5e3f1a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "https://t.me/cibsecurity/16681", "content": "\u203c CVE-2020-4005 \u203c\n\nVMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-20T22:43:03.000000Z"}, {"uuid": "2ecffe10-f63c-4aa7-b2cd-8b9197b55a58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "MISP/0734fe61-f838-4ad7-bcc6-6a7c6854f098", "content": "", "creation_timestamp": "2024-11-14T06:09:36.000000Z"}, {"uuid": "a387781f-0d11-4242-b70a-66b86b1fd0a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "https://t.me/CyberGovIL/946", "content": "\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e7\u05e8\u05d9\u05d8\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9\u05dd \u05e9\u05dc \u05d7\u05d1\u05e8\u05ea  Com1817 | VMware\n\n\u05d7\u05d1\u05e8\u05ea VMware \u05e4\u05e8\u05e1\u05de\u05d4 \u05d4\u05ea\u05e8\u05e2\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e2\u05d1\u05d5\u05e8 \u05de\u05e1\u05e4\u05e8 \u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05d1\u05de\u05d5\u05e6\u05e8\u05d9\u05d4.\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05e2\u05dc\u05d5\u05dc\u05d5\u05ea \u05dc\u05d0\u05e4\u05e9\u05e8 \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05e2\u05dc \u05d4\u05e9\u05e8\u05ea \u05d4\u05de\u05d0\u05e8\u05d7 (CVE-2020-4004) \u05d5\u05d4\u05e2\u05dc\u05d0\u05ea \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea (CVE-2020-4005).\n\n\u05d4\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05de\u05d3\u05d5\u05e8\u05d2\u05d5\u05ea \u05d1\u05d3\u05d9\u05e8\u05d5\u05d2 CVSS \u05d2\u05d1\u05d5\u05d4 (9.3 \u05d5-8.8 \u05d1\u05d4\u05ea\u05d0\u05de\u05d4).", "creation_timestamp": "2020-11-23T12:28:43.000000Z"}, {"uuid": "558e6299-0648-4a48-8717-0b4ee1bd9a28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2020-4004", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/vmware-julkaisi-korjaavan-paivityksen-kriittiseen-haavoittuvuuteen", "content": "", "creation_timestamp": "2020-11-23T12:30:01.000000Z"}]}