Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-41239 (GCVE-0-2025-41239)
Vulnerability from cvelistv5 – Published: 2025-07-15 18:35 – Updated: 2025-07-15 18:51
VLAI?
EPSS
Title
vSockets information-disclosure vulnerability
Summary
VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
Severity ?
7.1 (High)
CWE
- CWE-908 - Use of Uninitialized Resource
Assigner
References
1 reference
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| VMware | ESXi |
Affected:
8.0 , < ESXi80U3f-24784735
(custom)
Affected: 8.0 , < ESXi80U2e-24789317 (custom) Affected: 7.0 , < ESXi70U3w-24784741 (custom) |
|
| VMware | Cloud Foundation |
Affected:
5.x, 4.5.x
|
|
| VMware | Workstation |
Affected:
17.x , < 17.6.4
(custom)
|
|
| VMware | Fusion |
Affected:
13.x , < 13.6.4
(custom)
|
|
| VMware | Telco Cloud Platform |
Affected:
5.x, 4.x, 3.x, 2.x
|
|
| VMware | Telco Cloud Infrastructure |
Affected:
3.x, 2.x
|
|
| VMware | Tools |
Affected:
13.x.x , < 13.0.1.0
(custom)
Affected: 12.x.x, 11.x.x, , < 12.5.3 (custom) |
Date Public ?
2025-07-15 03:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T18:51:16.482481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T18:51:58.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3f-24784735",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2e-24789317",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3w-24784741",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.4",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"lessThan": "13.6.4",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Tools",
"vendor": "VMware",
"versions": [
{
"lessThan": "13.0.1.0",
"status": "affected",
"version": "13.x.x",
"versionType": "custom"
},
{
"lessThan": "12.5.3",
"status": "affected",
"version": "12.x.x, 11.x.x,",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-07-15T03:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T18:35:03.747Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "vSockets information-disclosure vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41239",
"datePublished": "2025-07-15T18:35:03.747Z",
"dateReserved": "2025-04-16T09:30:17.798Z",
"dateUpdated": "2025-07-15T18:51:58.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-41239",
"date": "2026-05-25",
"epss": "0.00204",
"percentile": "0.42352"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-41239\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2025-07-15T19:15:22.557\",\"lastModified\":\"2025-07-15T20:07:28.023\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.\"},{\"lang\":\"es\",\"value\":\"VMware ESXi, Workstation, Fusion y VMware Tools presentan una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido al uso de memoria no inicializada en vSockets. Un agente malicioso con privilegios de administrador local en una m\u00e1quina virtual podr\u00eda aprovechar este problema para filtrar memoria de los procesos que se comunican con vSockets.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.5,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"references\":[{\"url\":\"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877\",\"source\":\"security@vmware.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-41239\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-15T18:51:16.482481Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-15T18:51:20.329Z\"}}], \"cna\": {\"title\": \"vSockets information-disclosure vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"VMware\", \"product\": \"ESXi\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.0\", \"lessThan\": \"ESXi80U3f-24784735\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"8.0\", \"lessThan\": \"ESXi80U2e-24789317\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"7.0\", \"lessThan\": \"ESXi70U3w-24784741\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"VMware\", \"product\": \"Cloud Foundation\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.x, 4.5.x\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"VMware\", \"product\": \"Workstation\", \"versions\": [{\"status\": \"affected\", \"version\": \"17.x\", \"lessThan\": \"17.6.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"VMware\", \"product\": \"Fusion\", \"versions\": [{\"status\": \"affected\", \"version\": \"13.x\", \"lessThan\": \"13.6.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"VMware\", \"product\": \"Telco Cloud Platform\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.x, 4.x, 3.x, 2.x\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"VMware\", \"product\": \"Telco Cloud Infrastructure\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.x, 2.x\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"VMware\", \"product\": \"Tools\", \"versions\": [{\"status\": \"affected\", \"version\": \"13.x.x\", \"lessThan\": \"13.0.1.0\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"12.x.x, 11.x.x,\", \"lessThan\": \"12.5.3\", \"versionType\": \"custom\"}], \"platforms\": [\"Windows\"], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-07-15T03:30:00.000Z\", \"references\": [{\"url\": \"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eVMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-908\", \"description\": \"CWE-908 Use of Uninitialized Resource\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2025-07-15T18:35:03.747Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-41239\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-15T18:51:58.342Z\", \"dateReserved\": \"2025-04-16T09:30:17.798Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2025-07-15T18:35:03.747Z\", \"assignerShortName\": \"vmware\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2025-AVI-0592
Vulnerability from certfr_avis - Published: 2025-07-16 - Updated: 2025-07-16
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Telco Cloud Infrastructure | Telco Cloud Infrastructure versions 3.x et 2.x sans le correctif ESXi70U3w-24784741 | ||
| VMware | Cloud Foundation | Cloud Foundation et vSphere Foundation versions 9.0.0.0 sans le correctif ESXi-9.0.0.0100-24813472 | ||
| VMware | Fusion | Fusion versions 13.x antérieures à 13.6.4 | ||
| VMware | Telco Cloud Platform | Telco Cloud Platform versions 3.x et 2.x sans le correctif ESXi70U3w-24784741 | ||
| VMware | Cloud Foundation | Cloud Foundation versions 5.x sans le correctif ESXi80U3f-24784735 | ||
| VMware | Workstation | Worstation versions 17.x antérieures à 17.6.4 | ||
| VMware | VMware Tools | VMware Tools versions 13.x.x antérieures à 13.0.1.0 pour Windows | ||
| VMware | ESXi | ESXI versions 7.0 sans le correctif ESXi70U3w-24784741 | ||
| VMware | VMware Tools | VMware Tools versions antérieures à 12.5.3 pour Windows | ||
| VMware | Cloud Foundation | Cloud Foundation versions 4.5.x sans le correctif ESXi70U3w-24784741 | ||
| VMware | ESXi | ESXI versions 8.0 sans les correctifs ESXi80U3f-24784735 et ESXi80U2e-24789317 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Telco Cloud Infrastructure versions 3.x et 2.x sans le correctif ESXi70U3w-24784741",
"product": {
"name": "Telco Cloud Infrastructure",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation et vSphere Foundation versions 9.0.0.0 sans le correctif ESXi-9.0.0.0100-24813472",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Fusion versions 13.x ant\u00e9rieures \u00e0 13.6.4",
"product": {
"name": "Fusion",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telco Cloud Platform versions 3.x et 2.x sans le correctif ESXi70U3w-24784741",
"product": {
"name": "Telco Cloud Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation versions 5.x sans le correctif ESXi80U3f-24784735",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Worstation versions 17.x ant\u00e9rieures \u00e0 17.6.4",
"product": {
"name": "Workstation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tools versions 13.x.x ant\u00e9rieures \u00e0 13.0.1.0 pour Windows",
"product": {
"name": "VMware Tools",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "ESXI versions 7.0 sans le correctif ESXi70U3w-24784741",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tools versions ant\u00e9rieures \u00e0 12.5.3 pour Windows",
"product": {
"name": "VMware Tools",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Foundation versions 4.5.x sans le correctif ESXi70U3w-24784741",
"product": {
"name": "Cloud Foundation",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "ESXI versions 8.0 sans les correctifs ESXi80U3f-24784735 et ESXi80U2e-24789317",
"product": {
"name": "ESXi",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-41236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41236"
},
{
"name": "CVE-2025-41237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41237"
},
{
"name": "CVE-2025-41238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41238"
},
{
"name": "CVE-2025-41239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41239"
}
],
"initial_release_date": "2025-07-16T00:00:00",
"last_revision_date": "2025-07-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0592",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 35877",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
]
}
FKIE_CVE-2025-41239
Vulnerability from fkie_nvd - Published: 2025-07-15 19:15 - Updated: 2026-04-15 00:35
Severity ?
Summary
VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets."
},
{
"lang": "es",
"value": "VMware ESXi, Workstation, Fusion y VMware Tools presentan una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido al uso de memoria no inicializada en vSockets. Un agente malicioso con privilegios de administrador local en una m\u00e1quina virtual podr\u00eda aprovechar este problema para filtrar memoria de los procesos que se comunican con vSockets."
}
],
"id": "CVE-2025-41239",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2025-07-15T19:15:22.557",
"references": [
{
"source": "security@vmware.com",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "security@vmware.com",
"type": "Secondary"
}
]
}
GHSA-8P72-RXH7-QV97
Vulnerability from github – Published: 2025-07-15 21:31 – Updated: 2025-07-15 21:31
VLAI?
Details
VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
Severity ?
7.1 (High)
{
"affected": [],
"aliases": [
"CVE-2025-41239"
],
"database_specific": {
"cwe_ids": [
"CWE-908"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-15T19:15:22Z",
"severity": "HIGH"
},
"details": "VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.",
"id": "GHSA-8p72-rxh7-qv97",
"modified": "2025-07-15T21:31:39Z",
"published": "2025-07-15T21:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41239"
},
{
"type": "WEB",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
ICSA-25-212-02
Vulnerability from csaf_cisa - Published: 2025-07-31 06:00 - Updated: 2025-07-31 06:00Summary
Rockwell Automation Lifecycle Services with VMware
Notes
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: Successful exploitation of these vulnerabilities could lead to code execution on the host or leakage of memory from processes communicating with vSockets.
Critical infrastructure sectors: Critical Manufacturing
Countries/areas deployed: Worldwide
Company headquarters location: United States
Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:
Recommended Practices: Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the Internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices: No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.
9.3 (Critical)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Rockwell Automation Industrial Data Center (IDC) with VMware: >=Generations_1|<=4
Rockwell Automation / Industrial Data Center (IDC) with VMware
|
>=Generations_1|<=4 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation VersaVirtual Appliance (VVA) with VMware Series: A and B
Rockwell Automation / VersaVirtual Appliance (VVA) with VMware
|
A|B |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Threat Detection Managed Services (TDMS) with VMware: vers:all/*
Rockwell Automation / Threat Detection Managed Services (TDMS) with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Endpoint Protection Service with Rockwell Automation Proxy & VMware only: vers:all/*
Rockwell Automation / Endpoint Protection Service with Rockwell Automation Proxy & VMware only
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Engineered and Integrated Solutions with VMware: vers:all/*
Rockwell Automation / Engineered and Integrated Solutions with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
9.3 (Critical)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Rockwell Automation Industrial Data Center (IDC) with VMware: >=Generations_1|<=4
Rockwell Automation / Industrial Data Center (IDC) with VMware
|
>=Generations_1|<=4 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation VersaVirtual Appliance (VVA) with VMware Series: A and B
Rockwell Automation / VersaVirtual Appliance (VVA) with VMware
|
A|B |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Threat Detection Managed Services (TDMS) with VMware: vers:all/*
Rockwell Automation / Threat Detection Managed Services (TDMS) with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Endpoint Protection Service with Rockwell Automation Proxy & VMware only: vers:all/*
Rockwell Automation / Endpoint Protection Service with Rockwell Automation Proxy & VMware only
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Engineered and Integrated Solutions with VMware: vers:all/*
Rockwell Automation / Engineered and Integrated Solutions with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
9.3 (Critical)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Rockwell Automation Industrial Data Center (IDC) with VMware: >=Generations_1|<=4
Rockwell Automation / Industrial Data Center (IDC) with VMware
|
>=Generations_1|<=4 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation VersaVirtual Appliance (VVA) with VMware Series: A and B
Rockwell Automation / VersaVirtual Appliance (VVA) with VMware
|
A|B |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Threat Detection Managed Services (TDMS) with VMware: vers:all/*
Rockwell Automation / Threat Detection Managed Services (TDMS) with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Endpoint Protection Service with Rockwell Automation Proxy & VMware only: vers:all/*
Rockwell Automation / Endpoint Protection Service with Rockwell Automation Proxy & VMware only
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Engineered and Integrated Solutions with VMware: vers:all/*
Rockwell Automation / Engineered and Integrated Solutions with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
7.1 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Rockwell Automation Industrial Data Center (IDC) with VMware: >=Generations_1|<=4
Rockwell Automation / Industrial Data Center (IDC) with VMware
|
>=Generations_1|<=4 |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation VersaVirtual Appliance (VVA) with VMware Series: A and B
Rockwell Automation / VersaVirtual Appliance (VVA) with VMware
|
A|B |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Threat Detection Managed Services (TDMS) with VMware: vers:all/*
Rockwell Automation / Threat Detection Managed Services (TDMS) with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Endpoint Protection Service with Rockwell Automation Proxy & VMware only: vers:all/*
Rockwell Automation / Endpoint Protection Service with Rockwell Automation Proxy & VMware only
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
|
|
Rockwell Automation Engineered and Integrated Solutions with VMware: vers:all/*
Rockwell Automation / Engineered and Integrated Solutions with VMware
|
vers:all/* |
Mitigation
Mitigation
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
Mitigation
fix
|
References
18 references
Acknowledgments
Rockwell Automation
{
"document": {
"acknowledgments": [
{
"organization": "Rockwell Automation",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could lead to code execution on the host or leakage of memory from processes communicating with vSockets.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "United States",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the Internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as virtual private networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-25-212-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-212-02.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-25-212-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-212-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Rockwell Automation Lifecycle Services with VMware",
"tracking": {
"current_release_date": "2025-07-31T06:00:00.000000Z",
"generator": {
"date": "2025-07-31T19:36:07.236717Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-212-02",
"initial_release_date": "2025-07-31T06:00:00.000000Z",
"revision_history": [
{
"date": "2025-07-31T06:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=Generations_1|\u003c=4",
"product": {
"name": "Rockwell Automation Industrial Data Center (IDC) with VMware: \u003e=Generations_1|\u003c=4",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Industrial Data Center (IDC) with VMware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "A|B",
"product": {
"name": "Rockwell Automation VersaVirtual Appliance (VVA) with VMware Series: A and B",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "VersaVirtual Appliance (VVA) with VMware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Rockwell Automation Threat Detection Managed Services (TDMS) with VMware: vers:all/*",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Threat Detection Managed Services (TDMS) with VMware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Rockwell Automation Endpoint Protection Service with Rockwell Automation Proxy \u0026 VMware only: vers:all/*",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Endpoint Protection Service with Rockwell Automation Proxy \u0026 VMware only"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Rockwell Automation Engineered and Integrated Solutions with VMware: vers:all/*",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "Engineered and Integrated Solutions with VMware"
}
],
"category": "vendor",
"name": "Rockwell Automation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41236",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An integer-overflow vulnerability exists in the VMXNET3 virtual network adapter used in VMware ESXi, Workstation, and Fusion. Exploitation of this vulnerability can lead to code execution on the host.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41236"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Rockwell Automation will contact impacted users with an active Rockwell Automation Infrastructure Managed Service contract or Threat Detection Managed Service contract to discuss actions needed for remediation efforts.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Rockwell recommends users without Rockwell Automation managed services contract to refer to Broadcom\u0027s advisories below:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Support Content Notification - Support Portal - Broadcom support portal",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html"
},
{
"category": "mitigation",
"details": "Rockwell Automation encourages users of the affected software who are not able to upgrade to one of the corrected versions to apply security best practices where possible.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
},
{
"category": "mitigation",
"details": "For more information refer to Rockwell Automation\u0027s security advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/54102"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2025-41237",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An integer-underflow vulnerability exists in the Virtual Machine Communication Interface (VMCI) of VMware ESXi, Workstation, and Fusion, which can lead to an out-of-bounds write. Exploitation of this vulnerability can lead to code execution on the host. ",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41237"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Rockwell Automation will contact impacted users with an active Rockwell Automation Infrastructure Managed Service contract or Threat Detection Managed Service contract to discuss actions needed for remediation efforts.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Rockwell recommends users without Rockwell Automation managed services contract to refer to Broadcom\u0027s advisories below:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Support Content Notification - Support Portal - Broadcom support portal",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html"
},
{
"category": "mitigation",
"details": "Rockwell Automation encourages users of the affected software who are not able to upgrade to one of the corrected versions to apply security best practices where possible.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
},
{
"category": "mitigation",
"details": "For more information refer to Rockwell Automation\u0027s security advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/54102"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2025-41238",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap-overflow vulnerability exists in the Paravirtualized SCSI (PVSCSI) controller of VMware ESXi, Workstation, and Fusion, which can lead to an out-of-bounds write. Exploitation of this vulnerability can lead to code execution on the host. ",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41238"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Rockwell Automation will contact impacted users with an active Rockwell Automation Infrastructure Managed Service contract or Threat Detection Managed Service contract to discuss actions needed for remediation efforts.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Rockwell recommends users without Rockwell Automation managed services contract to refer to Broadcom\u0027s advisories below:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Support Content Notification - Support Portal - Broadcom support portal",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html"
},
{
"category": "mitigation",
"details": "Rockwell Automation encourages users of the affected software who are not able to upgrade to one of the corrected versions to apply security best practices where possible.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
},
{
"category": "mitigation",
"details": "For more information refer to Rockwell Automation\u0027s security advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/54102"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2025-41239",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "An information disclosure vulnerability exists in vSockets due to the use of uninitialized memory in VMware ESXi, Workstation, Fusion, and VMware Tools. Exploitation of this vulnerability can result in the leakage of memory from processes communicating with vSockets.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "www.cve.org",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41239"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "Rockwell Automation will contact impacted users with an active Rockwell Automation Infrastructure Managed Service contract or Threat Detection Managed Service contract to discuss actions needed for remediation efforts.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Rockwell recommends users without Rockwell Automation managed services contract to refer to Broadcom\u0027s advisories below:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Support Content Notification - Support Portal - Broadcom support portal",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html"
},
{
"category": "mitigation",
"details": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html"
},
{
"category": "mitigation",
"details": "Rockwell Automation encourages users of the affected software who are not able to upgrade to one of the corrected versions to apply security best practices where possible.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1085012/loc/en_US#__highlight"
},
{
"category": "mitigation",
"details": "For more information refer to Rockwell Automation\u0027s security advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/54102"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
}
]
}
WID-SEC-W-2025-1576
Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-07-16 22:00Summary
VMware Produkte: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Virtualisierungssoftware von VMware ermöglicht die simultane Ausführung von verschiedenen Betriebssystemen auf einem Host-System.
VMware Tools sind Applikationen und Treiber, mit denen die Gast-Betriebssysteme in einer virtuellen Maschine unter VMware zusätzliche Funktionalitäten erhalten.
Die Virtualisierungssoftware von VMware ermöglicht die simultane Ausführung von verschiedenen Betriebssystemen auf einem Host-System.
VMware Cloud Foundation ist eine Hybrid Cloud-Plattform für VM-Management und Container-Orchestrierung.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in VMware vSphere, VMware Tools, VMware ESXi, VMware Workstation, VMware Fusion und VMware Cloud Foundation ausnutzen, um beliebigen Programmcode auszuführen und vertrauliche Informationen preiszugeben.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware vSphere Foundation ESX <ESXi-9.0.0.0100-24813472
VMware / vSphere
|
Foundation ESX <ESXi-9.0.0.0100-24813472 | ||
|
VMware ESXi <ESXi80U2e-24789317
VMware / ESXi
|
<ESXi80U2e-24789317 | ||
|
VMware ESXi <ESXi80U3f-24784735
VMware / ESXi
|
<ESXi80U3f-24784735 | ||
|
VMware ESXi <ESXi70U3w-24784741
VMware / ESXi
|
<ESXi70U3w-24784741 | ||
|
VMware Fusion <13.6.4
VMware / Fusion
|
<13.6.4 | ||
|
VMware Workstation <17.6.4
VMware / Workstation
|
<17.6.4 | ||
|
VMware Cloud Foundation <ESXi70U3w-24784741
VMware / Cloud Foundation
|
<ESXi70U3w-24784741 | ||
|
VMware Cloud Foundation <ESXi80U3f-24784735
VMware / Cloud Foundation
|
<ESXi80U3f-24784735 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware vSphere Foundation ESX <ESXi-9.0.0.0100-24813472
VMware / vSphere
|
Foundation ESX <ESXi-9.0.0.0100-24813472 | ||
|
VMware ESXi <ESXi80U2e-24789317
VMware / ESXi
|
<ESXi80U2e-24789317 | ||
|
VMware ESXi <ESXi80U3f-24784735
VMware / ESXi
|
<ESXi80U3f-24784735 | ||
|
VMware ESXi <ESXi70U3w-24784741
VMware / ESXi
|
<ESXi70U3w-24784741 | ||
|
VMware Fusion <13.6.4
VMware / Fusion
|
<13.6.4 | ||
|
VMware Workstation <17.6.4
VMware / Workstation
|
<17.6.4 | ||
|
VMware Cloud Foundation <ESXi70U3w-24784741
VMware / Cloud Foundation
|
<ESXi70U3w-24784741 | ||
|
VMware Cloud Foundation <ESXi80U3f-24784735
VMware / Cloud Foundation
|
<ESXi80U3f-24784735 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware vSphere Foundation ESX <ESXi-9.0.0.0100-24813472
VMware / vSphere
|
Foundation ESX <ESXi-9.0.0.0100-24813472 | ||
|
VMware ESXi <ESXi80U2e-24789317
VMware / ESXi
|
<ESXi80U2e-24789317 | ||
|
VMware ESXi <ESXi80U3f-24784735
VMware / ESXi
|
<ESXi80U3f-24784735 | ||
|
VMware ESXi <ESXi70U3w-24784741
VMware / ESXi
|
<ESXi70U3w-24784741 | ||
|
VMware Fusion <13.6.4
VMware / Fusion
|
<13.6.4 | ||
|
VMware Workstation <17.6.4
VMware / Workstation
|
<17.6.4 | ||
|
VMware Cloud Foundation <ESXi70U3w-24784741
VMware / Cloud Foundation
|
<ESXi70U3w-24784741 | ||
|
VMware Cloud Foundation <ESXi80U3f-24784735
VMware / Cloud Foundation
|
<ESXi80U3f-24784735 |
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
VMware Tools Windows <12.5.3
VMware / Tools
|
Windows <12.5.3 | ||
|
VMware Tools Windows <13.0.1.0
VMware / Tools
|
Windows <13.0.1.0 | ||
|
VMware vSphere Foundation ESX <ESXi-9.0.0.0100-24813472
VMware / vSphere
|
Foundation ESX <ESXi-9.0.0.0100-24813472 | ||
|
VMware ESXi <ESXi80U2e-24789317
VMware / ESXi
|
<ESXi80U2e-24789317 | ||
|
VMware ESXi <ESXi80U3f-24784735
VMware / ESXi
|
<ESXi80U3f-24784735 | ||
|
VMware ESXi <ESXi70U3w-24784741
VMware / ESXi
|
<ESXi70U3w-24784741 | ||
|
VMware Fusion <13.6.4
VMware / Fusion
|
<13.6.4 | ||
|
VMware Workstation <17.6.4
VMware / Workstation
|
<17.6.4 | ||
|
VMware Cloud Foundation <ESXi70U3w-24784741
VMware / Cloud Foundation
|
<ESXi70U3w-24784741 | ||
|
VMware Cloud Foundation <ESXi80U3f-24784735
VMware / Cloud Foundation
|
<ESXi80U3f-24784735 |
References
4 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Virtualisierungssoftware von VMware erm\u00f6glicht die simultane Ausf\u00fchrung von verschiedenen Betriebssystemen auf einem Host-System.\r\n\r\nVMware Tools sind Applikationen und Treiber, mit denen die Gast-Betriebssysteme in einer virtuellen Maschine unter VMware zus\u00e4tzliche Funktionalit\u00e4ten erhalten.\r\nDie Virtualisierungssoftware von VMware erm\u00f6glicht die simultane Ausf\u00fchrung von verschiedenen Betriebssystemen auf einem Host-System.\r\nVMware Cloud Foundation ist eine Hybrid Cloud-Plattform f\u00fcr VM-Management und Container-Orchestrierung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in VMware vSphere, VMware Tools, VMware ESXi, VMware Workstation, VMware Fusion und VMware Cloud Foundation ausnutzen, um beliebigen Programmcode auszuf\u00fchren und vertrauliche Informationen preiszugeben.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1576 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1576.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1576 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1576"
},
{
"category": "external",
"summary": "VMware Security Advisory vom 2025-07-15",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
},
{
"category": "external",
"summary": "VMSA-2025-0013: Questions \u0026 Answers",
"url": "https://github.com/vmware/vcf-security-and-compliance-guidelines/tree/main/security-advisories/vmsa-2025-0013"
}
],
"source_lang": "en-US",
"title": "VMware Produkte: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-16T22:00:00.000+00:00",
"generator": {
"date": "2025-07-17T10:17:00.430+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1576",
"initial_release_date": "2025-07-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "2",
"summary": "Weitere Informationen von VMware aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cESXi80U3f-24784735",
"product": {
"name": "VMware Cloud Foundation \u003cESXi80U3f-24784735",
"product_id": "T045443"
}
},
{
"category": "product_version",
"name": "ESXi80U3f-24784735",
"product": {
"name": "VMware Cloud Foundation ESXi80U3f-24784735",
"product_id": "T045443-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:cloud_foundation:esxi80u3f-24784735"
}
}
},
{
"category": "product_version_range",
"name": "\u003cESXi70U3w-24784741",
"product": {
"name": "VMware Cloud Foundation \u003cESXi70U3w-24784741",
"product_id": "T045444"
}
},
{
"category": "product_version",
"name": "ESXi70U3w-24784741",
"product": {
"name": "VMware Cloud Foundation ESXi70U3w-24784741",
"product_id": "T045444-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:cloud_foundation:esxi70u3w-24784741"
}
}
}
],
"category": "product_name",
"name": "Cloud Foundation"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cESXi80U3f-24784735",
"product": {
"name": "VMware ESXi \u003cESXi80U3f-24784735",
"product_id": "T045438"
}
},
{
"category": "product_version",
"name": "ESXi80U3f-24784735",
"product": {
"name": "VMware ESXi ESXi80U3f-24784735",
"product_id": "T045438-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:vmware:esxi:esxi80u3f-24784735"
}
}
},
{
"category": "product_version_range",
"name": "\u003cESXi80U2e-24789317",
"product": {
"name": "VMware ESXi \u003cESXi80U2e-24789317",
"product_id": "T045439"
}
},
{
"category": "product_version",
"name": "ESXi80U2e-24789317",
"product": {
"name": "VMware ESXi ESXi80U2e-24789317",
"product_id": "T045439-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:vmware:esxi:esxi80u2e-24789317"
}
}
},
{
"category": "product_version_range",
"name": "\u003cESXi70U3w-24784741",
"product": {
"name": "VMware ESXi \u003cESXi70U3w-24784741",
"product_id": "T045440"
}
},
{
"category": "product_version",
"name": "ESXi70U3w-24784741",
"product": {
"name": "VMware ESXi ESXi70U3w-24784741",
"product_id": "T045440-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:vmware:esxi:esxi70u3w-24784741"
}
}
}
],
"category": "product_name",
"name": "ESXi"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c13.6.4",
"product": {
"name": "VMware Fusion \u003c13.6.4",
"product_id": "T045442"
}
},
{
"category": "product_version",
"name": "13.6.4",
"product": {
"name": "VMware Fusion 13.6.4",
"product_id": "T045442-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:fusion:13.6.4"
}
}
}
],
"category": "product_name",
"name": "Fusion"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Windows \u003c13.0.1.0",
"product": {
"name": "VMware Tools Windows \u003c13.0.1.0",
"product_id": "T045437"
}
},
{
"category": "product_version",
"name": "Windows 13.0.1.0",
"product": {
"name": "VMware Tools Windows 13.0.1.0",
"product_id": "T045437-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:tools:windows__13.0.1.0"
}
}
},
{
"category": "product_version_range",
"name": "Windows \u003c12.5.3",
"product": {
"name": "VMware Tools Windows \u003c12.5.3",
"product_id": "T045446"
}
},
{
"category": "product_version",
"name": "Windows 12.5.3",
"product": {
"name": "VMware Tools Windows 12.5.3",
"product_id": "T045446-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:tools:windows___12.5.3"
}
}
}
],
"category": "product_name",
"name": "Tools"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c17.6.4",
"product": {
"name": "VMware Workstation \u003c17.6.4",
"product_id": "T045441"
}
},
{
"category": "product_version",
"name": "17.6.4",
"product": {
"name": "VMware Workstation 17.6.4",
"product_id": "T045441-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:workstation:17.6.4"
}
}
}
],
"category": "product_name",
"name": "Workstation"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Foundation ESX \u003cESXi-9.0.0.0100-24813472",
"product": {
"name": "VMware vSphere Foundation ESX \u003cESXi-9.0.0.0100-24813472",
"product_id": "T045436"
}
},
{
"category": "product_version",
"name": "Foundation ESX ESXi-9.0.0.0100-24813472",
"product": {
"name": "VMware vSphere Foundation ESX ESXi-9.0.0.0100-24813472",
"product_id": "T045436-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:vmware:vsphere:foundation_esx__esxi-9.0.0.0100-24813472"
}
}
}
],
"category": "product_name",
"name": "vSphere"
}
],
"category": "vendor",
"name": "VMware"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41236",
"product_status": {
"known_affected": [
"T045436",
"T045439",
"T045438",
"T045440",
"T045442",
"T045441",
"T045444",
"T045443"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-41236"
},
{
"cve": "CVE-2025-41237",
"product_status": {
"known_affected": [
"T045436",
"T045439",
"T045438",
"T045440",
"T045442",
"T045441",
"T045444",
"T045443"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-41237"
},
{
"cve": "CVE-2025-41238",
"product_status": {
"known_affected": [
"T045436",
"T045439",
"T045438",
"T045440",
"T045442",
"T045441",
"T045444",
"T045443"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-41238"
},
{
"cve": "CVE-2025-41239",
"product_status": {
"known_affected": [
"T045446",
"T045437",
"T045436",
"T045439",
"T045438",
"T045440",
"T045442",
"T045441",
"T045444",
"T045443"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-41239"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…