Vulnerability in Esxi And Horizon Daas
CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
EPSS: 0.925 (99.7th percentile) — read the EPSS interpretation.
Affected products
- N/a Esxi And Horizon Daas — versions ESXi 6.7 prior to patch release ESXi670-201912001, ESXi 6.5 prior to patch release ESXi650-201912001, ESXi 6.0 prior to patch release ESXi600-201912001 and Horizon DaaS 8.x prior to BZ-2467224-Disable_SLPD_service_permanently_801_Hotfix.
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply updates per vendor instructions.
Known ransomware campaign use: yes.
Public proof-of-concept exploits
References
- www.vmware.com/security/advisories/VMSA-2019-0022.html (x_refsource_CONFIRM)
- [oss-security] 20191210 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability (mailing-list, x_refsource_MLIST)
- [oss-security] 20191211 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability (mailing-list, x_refsource_MLIST)
- RHSA-2019:4240 (vendor-advisory, x_refsource_REDHAT)
- FEDORA-2019-1e5ae33e87 (vendor-advisory, x_refsource_FEDORA)
- FEDORA-2019-86bceb61b3 (vendor-advisory, x_refsource_FEDORA)
- RHSA-2020:0199 (vendor-advisory, x_refsource_REDHAT)
- GLSA-202005-12 (vendor-advisory, x_refsource_GENTOO)
Frequently asked questions
- What is CVE-2019-5544?
- CVE-2019-5544 is a vulnerability in Esxi And Horizon Daas. Published 2019-12-06.
- Is CVE-2019-5544 known to be exploited?
- Yes. CVE-2019-5544 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2021-11-03), indicating it is being actively exploited. 14 public proof-of-concept repositories are indexed.