Secure ISS
NewsThreats
T

Threats

Critical Vulnerabilities in VMware Products (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239)

Overview

  • CVE: CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239

  • Severity: CRITICAL

  • Score: CVSS 9.3 (41236, 41237, 41238), CVSS 7.1 (41239)

  • Date: 17 July 2025

Broadcom (VMware) has disclosed four critical vulnerabilities affecting VMware ESXi, Workstation, Fusion, Tools, and Cloud Foundation. These vulnerabilities were discovered through offensive research at Pwn2Own 2025 and can enable virtual machine (VM) escape, host-level code execution, or memory leakage. Exploitation requires administrative access within a guest VM, and is particularly concerning in multi-tenant or service provider environments.

 

Affected Versions

  • VMware ESXi (multiple versions)

  • VMware Workstation 17.x

  • VMware Fusion 13.x

  • VMware Tools (11.x.x to 13.x.x)

  • VMware Cloud Foundation

 

Vulnerability Breakdown

CVE-2025-41236

Description: Integer overflow in the VMXNET3 virtual network adapter.

Score: CVSS 9.3

Impact: Guest VM admin may execute arbitrary code on the host.

Risk: Critical in cloud, VDI, and MSP environments.


CVE-2025-41237

Description: Integer underflow in the VMCI device.

Score: CVSS 9.3

Impact: Enables guest VM admin to run code as VMX host process.

Risk: High risk of VM escape.


CVE-2025-41238

Description: Heap overflow in the PVSCSI controller.

Score: CVSS 9.3

Impact: Local VM admin may execute code on the host in certain setups.

Risk: Major risk for misconfigured or legacy VMs.


CVE-2025-41239

Description: Use of uninitialised memory in vSockets.

Score: CVSS 7.1

Impact: Information disclosure via memory leakage from host to guest.

Risk: Medium but notable in sensitive environments.

 

Mitigation

  • Apply patches or upgrade to the latest supported versions of affected products as outlined in VMware advisory VMSA-2025-0013.

  • Environments with active VMXNET3, VMCI or PVSCSI usage should prioritise immediate action.

  • Limit admin access on guest VMs and audit virtual hardware configurations.


 

Summary for IT Teams

Products: VMware ESXi, Workstation, Fusion, Tools, Cloud Foundation

Threat Level: Critical

Action:

  • Apply patches for all affected platforms immediately

  • Review virtual hardware use (VMXNET3, VMCI, PVSCSI)

  • Minimise guest VM admin rights and harden access controls



References

Cta Image

Australia is secure when
Australian talent defends it.

Reach out today to discuss how with Lumara, we can work together to protect your business from the always changing Australian threat landscape.

Contact US

Cta Image

Australia is secure when
Australian talent defends it.

Reach out today to discuss how with Lumara, we can work together to protect your business from the always changing Australian threat landscape.

Contact US

Cta Image

Australia is secure when
Australian talent defends it.

Reach out today to discuss how with Lumara, we can work together to protect your business from the always changing Australian threat landscape.

Contact US