Skip to main content

Broadcom Releases Security Updates for VMware vCenter Server and Cloud Foundation Vulnerabilities

Advisory addresses two critical vulnerabilities that could lead to arbitrary code execution and allow unauthorised access to internal VMware Cloud Foundation services

Threat ID:
CC-4660
Threat Severity:
Medium
Published:
21 May 2025 12:35 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Advisory addresses two critical vulnerabilities that could lead to arbitrary code execution and allow unauthorised access to internal VMware Cloud Foundation services

Threat details

Introduction

Broadcom has released two security advisories that addresses multiple vulnerabilities in VMware ESXi, VMware vCenter Server, VMware Cloud Foundation, VMware Workstation and Fusion and VMware Telco Cloud. 

Broadcom has released software updates to address multiple security vulnerabilities, including the two detailed below.

Vulnerability Details

  • CVE-2025-41225 is an 'authenticated command-execution' vulnerability in vCenter Server with a CVSSv3 score of 8.8. An attacker with privileges to create/modify alarms and configure script actions could perform arbitrary code execution (ACE) on the vCenter Server. 
  • CVE-2025-41229 is a 'directory traversal' vulnerability in VMware Cloud Foundation with a CVSSv3 score of 8.2. An attacker with network access to port 443 could gain access to certain internal services within VMware Cloud Foundation. 

Remediation advice

Affected organisations are encouraged to review Broadcom's VMware advisories and apply the relevant updates as soon as practicable. These advisories are detailed below for clarity.

CVE Vulnerabilities

Status Published

CVE-2025-41225

The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server.
Status Published

CVE-2025-41226

VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest
Status Published

CVE-2025-41227

VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.
Status Published

CVE-2025-41228

VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.
Status Published

CVE-2025-41229

VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services.
Status Published

CVE-2025-41230

VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information.
Status Published

CVE-2025-41231

VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.

Last edited: 21 May 2025 12:38 pm