VMware developers have released patches for vulnerabilities, which became known at the hacker tournament Tianfu Cup. Participants in the November competition hacked the ESXi hardware hypervisor, having the opportunity to execute third-party code on the target system.
The exploit brought ethical hackers $ 200 thousand, which was the largest prize in the competition. Information about the existing error was immediately passed on to VMware representatives. Later, the vulnerability received the identifier CVE-2019-5544 with a critical assessment of the threat level – 9.8 points on the CVSS scale.