CVE-2019-5544

VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution. Vendor/Product: VMware VMware ESXi and Horizon DaaS. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.