EN / AU & NZ
Huon IT
Critical VMware ESXi and Vmware Tools updates to address multiple security vulnerabilities
Broadcom (VMware) has published an update on multiple security vulnerabilities for their products VMware ESXi and VMware Tools.
VMware has released an update to patch multiple security vulnerabilities for their products VMware ESXi, vCenter Server, Workstation, and Fusion. These are listed as CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 with a severity classification as high.
| VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version |
|---|---|---|---|---|---|---|
| vCenter Server | 8.0 | Any | CVE-2025-41225, CVE-2025-41228 | 8.8, 4.3 | Important | 8.0 U3e |
| vCenter Server | 7.0 | Any | CVE-2025-41225 | 8.8 | Important | 7.0 U3v |
| VMware ESXi | 8.0 | Any | CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 | 6.8, 5.5, 4.3 | Moderate | ESXi80U3se-24659227 |
| VMware ESXi | 7.0 | Any | CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 | 6.8, 5.5, 4.3 | Moderate | ESXi70U3sv-24723868 |
| VMware Cloud Foundation (vCenter) | 5.x | Any | CVE-2025-41225, CVE-2025-41228 | 8.8, 4.3 | Important | Async patch to 8.0 U3e |
| VMware Cloud Foundation (vCenter) | 4.5.x | Any | CVE-2025-41225 | 8.8 | Important | Async patch to 7.0 U3v |
| VMware Cloud Foundation (ESXi) | 5.x | Any | CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 | 6.8, 5.5, 4.3 | Moderate | Async patch to ESXi80U3se-24659227 |
| VMware Cloud Foundation (ESXi) | 4.5.x | Any | CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 | 6.8, 5.5, 4.3 | Moderate | Async patch to ESXi70U3sv-24723868 |
| VMware Telco Cloud Platform (ESXi) | 5.x, 4.x, 3.x, 2.x | Any | CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 | 6.8, 5.5, 4.3 | Moderate | ESXi80U3se-24659227 |
| VMware Telco Cloud Infrastructure (ESXi) | 3.x | Any | CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 | 6.8, 5.5, 4.3 | Moderate | ESXi80U3se-24659227 |
| VMware Telco Cloud Infrastructure (ESXi) | 2.x | Any | CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 | 6.8, 5.5, 4.3 | Moderate | ESXi70U3sv-24723868 |
| VMware Telco Cloud Platform (vCenter) | 5.x, 4.x, 3.x, 2.x | Any | CVE-2025-41225, CVE-2025-41228 | 8.8, 4.3 | Important | 8.0 U3e |
| VMware Telco Cloud Infrastructure (vCenter) | 3.x | Any | CVE-2025-41225 | 8.8 | Important | 8.0 U3e |
| VMware Telco Cloud Infrastructure (vCenter) | 2.x | Any | CVE-2025-41225 | 8.8 | Important | 7.0 U3v |
| VMware Workstation | 17.x | Any | CVE-2025-41227 | 5.5 | Moderate | 17.6.3 |
| VMware Fusion | 13.x | macOS | CVE-2025-41227 | 5.5 | Moderate | 13.6.3 |
Please note: If you are using 3rd party applications like Zerto Replication, then you will need to wait until these updates are supported before patching. Huon IT strongly recommends that you action and update where appropriate.
Critical VMware ESXi updates to address multiple security vulnerabilities
VMware has released an update to patch multiple security vulnerabilities for their products VMware ESXi, Workstation and Fusion. These are listed as...
Urgent: Critical Vulnerability Patched in Veeam Backup and Replication 12.3.0.310
A critical vulnerability has been patched in the latest update of Veeam Backup and Replication 12.3.0.310. This vulnerability affects all earlier...