Critical bug impacting VMware's ESXi hypervisor and Horizon DaaS cloud desktop-as-a-service products – 5th Dec 2019

Preface: Patching is a routine job for a cloud service provider. The job is similar to bathing with your puppy.

Background: There are five virtual appliances (OVA) used for Horizon DaaS: Service Provider, Tenant, Desktop Manager, Resource Manager and Access Point.

Vulnerability details: An unauthorized user with network access to port 427 on an ESXi host or on any Horizon DaaS management appliance may be able to overwrite the heap of the OpenSLP service, resulting in remote code execution. We speculate that the vulnerability details are as shown in the attached diagram. You can disable this service in minutes. Guidance for implementation on ESXi and Horizon DaaS has also been published. For details, see the URL below: https://www.vmware.com/security/advisories/VMSA-2019-0022.html
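To confirm that port 427 is no longer reachable on your own hosts after applying the guidance, a small audit script can help. This is an added example, not code from the advisory or from VMware; the host names and addresses are constructed placeholders, and it assumes the SLP service accepts TCP connections on port 427.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

SLP_PORT = 427  # port named in the vulnerability details above


def slp_reachable(host, port=SLP_PORT, timeout=2.0):
    """Return True if a TCP connection to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Covers refused, timed out (filtered), unreachable and unresolvable.
        return False


def audit(inventory, port=SLP_PORT, timeout=2.0, workers=16):
    """Map each inventory name to 'exposed' or 'closed/filtered'.

    inventory: iterable of (name, address) pairs for hosts you administer.
    """
    inventory = list(inventory)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        # Probe hosts in parallel so filtered hosts do not serialize timeouts.
        results = pool.map(
            lambda item: slp_reachable(item[1], port, timeout), inventory
        )
        return {
            name: ("exposed" if up else "closed/filtered")
            for (name, _), up in zip(inventory, results)
        }


if __name__ == "__main__":
    # Constructed inventory: hypothetical names, RFC 5737 documentation addresses.
    hosts = [("esxi-01", "192.0.2.10"), ("daas-tenant-01", "192.0.2.20")]
    for name, state in sorted(audit(hosts, timeout=1.0).items()):
        print(f"{name}: TCP/{SLP_PORT} {state}")
```

A "closed/filtered" result only describes the network path from where the script runs, so run it from each network segment that can reach the management interfaces.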