The host is missing an important severity update according to advisory VMSA-2020-0012 and is prone to an out-of-bounds read vulnerability. A flaw is present in the application, which fails to properly handle NVMe functionality. Successful exploitation may allow attackers with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory.