VMware recently released a new security vulnerability associated with USB Controllers found in ESXi, Workstation, and Fusion. While there is an immediate update available, a viable workaround is to simply remove the USB Controllers if you have no use for them. But how does one report if you have any VMs with a USB Controller attached in a large vCenter environment? PowerCLI, of course!
Simply copy this script block into a .ps1 file and run it directly from a machine with PowerCLI installed. You’ll be prompted for the FQDN of your vCenter, and the script will spit out a list of any machines that have a USB controller attached, like so:
$viserver = Read-Host "Please input vCenter Server FQDN!"
Connect-VIServer $viserver
Write-Host "Collecting hardware data for all VMs..."
$vms = Get-VM | Get-View
$vmcustomobject = @()
foreach ($vm in $vms)
{
$vmcustomobject+=new-object PSObject -Property @{
Name = $vm.name;
DeviceInfo = $vm.config.hardware.device.deviceinfo;
}
}
$listvms = $vmcustomobject | select name -ExpandProperty deviceinfo | where-object {$_.Label -like "USB*"}
$listvms | select name,label
Disconnect-VIServer * -Confirm:$false