{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-41226", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2025-04-16T09:29:46.972Z", "datePublished": "2025-05-20T14:24:24.680Z", "dateUpdated": "2025-06-24T07:12:21.964Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ESXi", "vendor": "VMware", "versions": [{"lessThan": "ESXi80U3se-24659227", "status": "affected", "version": "8.0", "versionType": "custom"}, {"lessThan": "ESXi70U3sv-24723868", "status": "affected", "version": "7.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Cloud Foundation", "vendor": "VMware", "versions": [{"status": "affected", "version": "5.x, 4.5.x"}]}, {"defaultStatus": "unaffected", "product": "Telco Cloud Platform", "vendor": "VMware", "versions": [{"status": "affected", "version": "5.x, 4.x, 3.x, 2.x"}]}, {"defaultStatus": "unaffected", "product": "Telco Cloud Infrastructure", "vendor": "VMware", "versions": [{"status": "affected", "version": "3.x, 2.x"}]}], "datePublic": "2025-05-20T11:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "VMware&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation.&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.</span><br></span><br>"}], "value": "VMware\u00a0ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation.\u00a0A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-24T07:12:21.964Z"}, "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "source": {"discovery": "UNKNOWN"}, "title": "Guest Operations Denial-of-Service Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-20T16:03:58.461704Z", "id": "CVE-2025-41226", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-20T16:05:04.910Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-41226", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-20T16:03:58.461704Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-20T16:04:59.311Z"}}], "cna": {"title": "Guest Operations Denial-of-Service Vulnerability", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "VMware", "product": "ESXi", "versions": [{"status": "affected", "version": "8.0", "lessThan": "ESXi80U3se-24659227", "versionType": "custom"}, {"status": "affected", "version": "7.0", "lessThan": "ESXi70U3sv-24723868", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Cloud Foundation", "versions": [{"status": "affected", "version": "5.x, 4.5.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Telco Cloud Platform", "versions": [{"status": "affected", "version": "5.x, 4.x, 3.x, 2.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Telco Cloud Infrastructure", "versions": [{"status": "affected", "version": "3.x, 2.x"}], "defaultStatus": "unaffected"}], "datePublic": "2025-05-20T11:30:00.000Z", "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "VMware\u00a0ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation.\u00a0A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.", "supportingMedia": [{"type": "text/html", "value": "VMware&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation.&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.</span><br></span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-24T07:12:21.964Z"}}}, "cveMetadata": {"cveId": "CVE-2025-41226", "state": "PUBLISHED", "dateUpdated": "2025-06-24T07:12:21.964Z", "dateReserved": "2025-04-16T09:29:46.972Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2025-05-20T14:24:24.680Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "VMware\u00a0ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation.\u00a0A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled."}, {"lang": "es", "value": "VMware ESXi contiene una vulnerabilidad de denegaci\u00f3n de servicio que se produce al ejecutar una operaci\u00f3n de invitado. Un agente malicioso con privilegios de operaci\u00f3n de invitado en una m\u00e1quina virtual, que ya est\u00e9 autenticado mediante vCenter Server o ESXi, podr\u00eda desencadenar este problema y crear una condici\u00f3n de denegaci\u00f3n de servicio en las m\u00e1quinas virtuales invitadas con VMware Tools ejecut\u00e1ndose y las operaciones de invitado habilitadas."}], "id": "CVE-2025-41226", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 4.0, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2025-05-20T15:16:07.670", "references": [{"source": "security@vmware.com", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "security@vmware.com", "type": "Secondary"}]}

{}

{"created": "2025-06-23T19:31:59.594308+00:00", "updated": "2025-06-23T19:31:59.594356+00:00", "vendors": ["vmware", "vmware$PRODUCT$esxi"]}