Skip to main content

Broadcom Releases Security Updates for VMware ESXi, Workstation, Fusion, and Tools

Critical advisory addresses four security vulnerabilities that could result in code execution or information disclosure

Threat ID:
CC-4681
Threat Severity:
Medium
Published:
16 July 2025 10:43 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Critical advisory addresses four security vulnerabilities that could result in code execution or information disclosure

Threat details

Introduction

Broadcom has released a critical advisory that addresses four security vulnerabilities in multiple VMware platforms, which include Cloud Foundation, vSphere Foundation, ESXi, Workstation Pro, Fusion, Tools, and Telco Cloud.

Three of the vulnerabilities could allow an attacker with local administrative privileges to execute code on the host machine and the other vulnerability could lead to information disclosure. 

Vulnerability details

CVE-2025-41236

  • VMXNET3 integer-overflow vulnerability that could allow code execution
  • CVSSv3 score: 9.3

CVE-2025-41237

  • VMCI integer-underflow vulnerability that could allow code execution
  • CVSSv3 score: 9.3

CVE-2025-41238

  • PVSCSI heap-overflow vulnerability that could allow code execution
  • CVSSv3 score: 9.3

CVE-2025-41239

  • vSockets information-disclosure vulnerability
  • CVSSv3 score: 7.1

Remediation advice

Affected organisations are encouraged to review Broadcom's VMware advisory VMSA-2025-0013 and VMSA-2025-0013: Questions & Answers and apply the relevant updates.

CVE Vulnerabilities

Status Published

CVE-2025-41236

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.
Status Published

CVE-2025-41237

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Status Published

CVE-2025-41238

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Status Published

CVE-2025-41239

VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.

Last edited: 16 July 2025 10:43 am