THREATINT
PUBLISHED

CVE-2025-41227

Denial-of-Service Vulnerability



Description

VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.

Reserved 2025-04-16 | Published 2025-05-20 | Updated 2025-05-20 | Assigner vmware


MEDIUM: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Problem types

CWE-400 Uncontrolled Resource Consumption

Product status

Default status
unaffected

8.0 before ESXi80U3se-24659227
affected

7.0 before ESXi70U3sv-24723868
affected

Default status
unaffected

5.x, 4.5.x
affected

Default status
unaffected

5.x, 4.x, 3.x, 2.x
affected

Default status
unaffected

3.x, 2.x
affected

Default status
unaffected

17.x before 17.6.3
affected

Default status
unaffected

13.x before 13.6.3
affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/25717

cve.org (CVE-2025-41227)

nvd.nist.gov (CVE-2025-41227)
