CVE-2025-41241 | THREATINT

Description

VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition.

PUBLISHED Reserved 2025-04-16 | Published 2025-07-29 | Updated 2025-07-29 | Assigner vmware

MEDIUM: 4.4CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-754 Improper Check for Unusual or Exceptional Conditions

Product status

Default status

unaffected

8.0 (custom) before 8.0 U3g

affected

7.0 (custom) before 7.0 U3v

affected

Default status

unaffected

5.x, 4.5.x

affected

Default status

unaffected

5.x, 2.x

affected

Default status

unaffected

2.x

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/35964

cve.org (CVE-2025-41241)

nvd.nist.gov (CVE-2025-41241)

Download JSON