VMware ESXi OpenSLP heap overflow

Added: 02/10/2023

Background

VMware ESXi is a bare-metal hypervisor.

Problem

A heap overflow vulnerability in the OpenSLP service could allow an attacker on the same network segment to execute arbitrary commands.

Resolution

Upgrade to a fixed version referenced in VMSA-2021-0002 or disable the SLP service.

References

https://www.vmware.com/security/advisories/VMSA-2021-0002.html
https://www.zerodayinitiative.com/advisories/ZDI-21-250/

Limitations

Exploit works on ESXi 6.7.0 builds 14320388 and 16316930.

Platforms

ESX
