EXECUTIVE SUMMARY:
A critical vulnerability in VMware ESXi and vCenter Server, CVE-2025-41225, allows an authenticated attacker to execute arbitrary commands on the vCenter Server, posing significant risk to enterprise environments. The flaw has a CVSS score of 8.8, and updates are available to address it. Additional vulnerabilities in VMware products include two denial-of-service issues (one in ESXi, one in Workstation, Fusion, and ESXi) and a reflected cross-site scripting vulnerability affecting the ESXi and vCenter Server login pages. Organizations are advised to apply the updates immediately.
- CVE-2025-41225: An authenticated command-execution vulnerability in VMware vCenter Server that allows an authenticated attacker to execute arbitrary commands on the vCenter Server. CVSS score: 8.8 (Critical). Affects vCenter Server 7.0 and 8.0.
- CVE-2025-41226: A denial-of-service vulnerability in VMware ESXi caused by guest operations, affecting VMware Tools. CVSS score: 6.8 (Important). Affects ESXi 7.0 and 8.0.
- CVE-2025-41227: A denial-of-service vulnerability in VMware Workstation, Fusion, and ESXi due to resource exhaustion. CVSS score: 5.5 (Moderate). Affects Workstation 17.x, Fusion 13.x, and ESXi.
- CVE-2025-41228: A reflected cross-site scripting vulnerability in ESXi and vCenter Server login pages. CVSS score: 4.3 (Moderate). Affects ESXi 7.0 and 8.0, vCenter Server 7.0 and 8.0.
RECOMMENDATION:
We recommend applying the following updates:
- ESXi 8.0: update to ESXi80U3se-24659227.
- ESXi 7.0: update to ESXi70U3sv-24723868.
- Workstation: update to version 17.6.3.
- Fusion: update to version 13.6.3.
- vCenter Server: update to version 8.0 U3e or 7.0 U3v.
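As an added example (not part of the original advisory and not VMware tooling), the following Python script checks ESXi hosts against the fixed builds named in the ESXi patch identifiers above. It assumes that the trailing number in each identifier (24659227 for ESXi 8.0, 24723868 for ESXi 7.0) is the build number and that later builds of the same major version include the fix; hosts on versions the advisory does not list are reported as "unknown" rather than guessed. The host outputs are constructed samples in the format of `esxcli system version get` and `vmware -v`.

```python
import re

# Fixed builds taken from the advisory's patch identifiers
# (ESXi80U3se-24659227 and ESXi70U3sv-24723868). Treating the trailing
# number as the ESXi build number is an assumption based on VMware's
# usual patch naming, not something the advisory states explicitly.
FIXED_BUILDS = {
    "8.0": 24659227,
    "7.0": 24723868,
}

# Constructed sample outputs; none of these is real host data.
SAMPLE_OUTPUTS = {
    # esxcli system version get, ESXi 8.0 at an older build
    "esx01": "   Product: VMware ESXi\n   Version: 8.0.3\n"
             "   Build: Releasebuild-24022510\n   Update: 3\n   Patch: 0\n",
    # esxcli output, ESXi 8.0 at exactly the fixed build
    "esx02": "   Product: VMware ESXi\n   Version: 8.0.3\n"
             "   Build: Releasebuild-24659227\n   Update: 3\n   Patch: 0\n",
    # vmware -v style output, ESXi 7.0 at the fixed build
    "esx03": "VMware ESXi 7.0.3 build-24723868",
    # version not covered by the advisory
    "esx04": "   Product: VMware ESXi\n   Version: 6.7.0\n"
             "   Build: Releasebuild-17700523\n   Update: 3\n   Patch: 0\n",
}


def parse_version_output(text):
    """Return (major.minor, build) from `vmware -v` or `esxcli system version get` output."""
    # Single-line form: "VMware ESXi 7.0.3 build-24723868"
    m = re.search(r"VMware ESXi (\d+\.\d+)(?:\.\d+)*\s+build-(\d+)", text)
    if m:
        return m.group(1), int(m.group(2))

    # Key/value form: "Version: 8.0.3" and "Build: Releasebuild-24659227"
    version = build = None
    for line in text.splitlines():
        key, sep, value = line.strip().partition(":")
        if not sep:
            continue
        key, value = key.strip(), value.strip()
        if key == "Version":
            version = value
        elif key == "Build":
            num = re.search(r"(\d+)\s*$", value)
            if num:
                build = int(num.group(1))
    if version is None or build is None:
        raise ValueError("could not find Version and Build in output")
    major_minor = ".".join(version.split(".")[:2])
    return major_minor, build


def assess_host(text):
    """Classify one host as 'patched', 'vulnerable' or 'unknown' for this advisory."""
    major_minor, build = parse_version_output(text)
    fixed = FIXED_BUILDS.get(major_minor)
    if fixed is None:
        # The advisory lists fixes only for ESXi 7.0 and 8.0; do not guess.
        return "unknown"
    return "patched" if build >= fixed else "vulnerable"


def assess_inventory(outputs):
    """Map each hostname to its assessment; input is {hostname: version output}."""
    return {host: assess_host(text) for host, text in outputs.items()}


if __name__ == "__main__":
    for host, status in assess_inventory(SAMPLE_OUTPUTS).items():
        print(f"{host}: {status}")
```

In practice the version text would come from each host (for example over SSH or the vSphere API) rather than from the embedded samples; the classification logic stays the same. Hosts reported as "vulnerable" should be scheduled for the ESXi update listed above, and "unknown" hosts need a manual check against the vendor advisory.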
REFERENCES:
The following reports contain further technical details:
https://cybersecuritynews.com/vmware-esxi-vcenter-vulnerability/