Just a quick heads up about VMSA-2020-0026 and especially about (CVE-2020-4004) concerning the XHCI (USB3) Controller.

Use-after-free vulnerability in XHCI USB controller (CVE-2020-4004)

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3.

Known Attack Vectors

A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine’s VMX process running on the host.

The following PowerCLI one-liner searches for all virtual machines and templates that are configured with the XHCI (USB3) controller.

Get-View -ViewType VirtualMachine -Property Name, Config.Hardware | Where-Object {$_.Config.Hardware.Device.DeviceInfo.Label -match "xhci"} | Select -ExpandProperty Name 

Just connect to your vCenter of choice via Connect-VIServer and see if your environment has VMs or templates that uses the XHCI controller and apply the patch or workaround described in the advisory when needed.

– Happy Scripting –


One thought on “Find all VMs with XHCI USB controller

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.