Details
Using the VMware DirectPath I/O feature to pass through a PCI or PCIe device to a virtual machine can result in a potential security vulnerability.
Rationale:
The vulnerability can be triggered by buggy or malicious code running in privileged mode in the guest OS, such as a device driver.
Solution
The following PowerCLI command can be used:
# Add the setting to all VMs
Get-VM | New-AdvancedSetting -Name 'pciPassthru*.present' -Value ""
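To review which VMs currently carry a passthrough entry before or after applying the setting, the following added example (not part of the original control text) classifies pciPassthru*.present values per VM. The function name Get-PciPassthruFinding and the sample VM names and values are hypothetical, and treating any non-empty value as non-compliant is an assumption based on the empty value used above.

```powershell
# Added example: classify pciPassthru*.present settings per VM.
# Get-PciPassthruFinding is a hypothetical helper, not a PowerCLI cmdlet.
function Get-PciPassthruFinding {
    [CmdletBinding()]
    param(
        # Objects with Entity, Name and Value properties,
        # the shape returned by Get-AdvancedSetting
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Setting
    )
    process {
        # Only the per-device "present" keys are covered by this control
        if ($Setting.Name -notlike 'pciPassthru*.present') { return }

        $value = [string]$Setting.Value
        [pscustomobject]@{
            VM        = [string]$Setting.Entity
            Name      = $Setting.Name
            Value     = $value
            # Assumption: the control expects an empty value,
            # so anything else is reported for review
            Compliant = [string]::IsNullOrWhiteSpace($value)
        }
    }
}

# Constructed sample input (not real inventory data)
$sample = @(
    [pscustomobject]@{ Entity = 'vm-app01'; Name = 'pciPassthru0.present'; Value = 'TRUE' }
    [pscustomobject]@{ Entity = 'vm-app01'; Name = 'pciPassthru0.id';      Value = '0000:03:00.0' }
    [pscustomobject]@{ Entity = 'vm-db01';  Name = 'pciPassthru0.present'; Value = '' }
)

# Show only the entries that still expose a passthrough device
$sample | Get-PciPassthruFinding |
    Where-Object { -not $_.Compliant } |
    Format-Table -AutoSize

# Against a live inventory (requires an existing Connect-VIServer session):
# Get-VM | Get-AdvancedSetting -Name 'pciPassthru*.present' | Get-PciPassthruFinding
```

VMs that have no pciPassthru*.present entry at all do not appear in the output, since Get-AdvancedSetting returns nothing for them.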
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: VMware.