Threat Advisories - NVD Disclosed December 6, 2019

CVE-2019-5544

VMware ESXi and Horizon DaaS Heap Overflow Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

VMware ESXi and Horizon DaaS appliances have a heap overwrite vulnerability in the OpenSLP service. This could allow an attacker with network access to execute code remotely, leading to unauthorized system control and potential data compromise for affected organizations.

NVD published: December 6, 2019 • CISA KEV