CVE-2019-5544

Vulnerability Profile Updated 3 months ago
CVE-2019-5544 is a significant heap buffer overflow vulnerability in VMware's OpenSLP service. An attacker who exploits it can potentially execute arbitrary code on the server and compromise the system. OpenSLP is an open-source implementation of the Service Location Protocol (SLP), which provides a framework that lets networking applications discover the existence, location, and configuration of networked services in enterprise networks.

A few months ago, Juniper discovered a custom Python backdoor that specifically targeted VMware ESXi servers by exploiting this vulnerability. The discovery underscored the severity and potential misuse of CVE-2019-5544. The backdoor allowed unauthorized users to gain access to and control over the affected servers, posing serious security threats to organizations using VMware ESXi servers.

To mitigate these risks, Check Point IPS has developed protection against this threat. Its Intrusion Prevention System (IPS) is designed to identify and block attempts to exploit this vulnerability, providing a layer of defense for VMware OpenSLP. The protection covers not only CVE-2019-5544 but also other related vulnerabilities such as CVE-2020-3992 and CVE-2021-21974.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor
ESXi
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
CVE-2020-3992 | Unspecified | 1 | None
CVE-2021-21974 | Unspecified | 1 | CVE-2021-21974 is a heap-overflow vulnerability discovered in VMware's ESXi OpenSLP service. This flaw allows attackers to execute arbitrary code and take control of the affected system, posing a significant threat to organizations that utilize VMware's ESXi for their virtual infrastructure manageme
Source Document References
Information about the CVE-2019-5544 vulnerability was read from the documents listed below.
Source | Created At | Title
Checkpoint | a year ago | 6th February – Threat Intelligence Report - Check Point Research
CERT-EU | a year ago | 13th February – Threat Intelligence Report - Check Point Research
CERT-EU | a year ago | Out-of-bounds write in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
SANS ISC | a year ago | InfoSec Handlers Diary Blog - SANS Internet Storm Center