Just a quick heads up about VMSA-2020-0026 and especially about (CVE-2020-4004) concerning the XHCI (USB3) Controller.
Use-after-free vulnerability in XHCI USB controller (CVE-2020-4004)
Description
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3.Known Attack Vectors
A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host.
The following PowerCLI one-liner searches for all virtual machines and templates that are configured with the XHCI (USB3) controller.
Get-View -ViewType VirtualMachine -Property Name, Config.Hardware | Where-Object {$_.Config.Hardware.Device.DeviceInfo.Label -match "xhci"} | Select -ExpandProperty Name Just connect to your vCenter of choice via Connect-VIServer and see if your environment has VMs or templates that uses the XHCI controller and apply the patch or workaround described in the advisory when needed.
– Happy Scripting –
ICT-Freak.nl 
do you have any scripts how to remove this usb controller from all virtual machines