CVEFinder.io

CVE-2025-41237

⛔ critical
🔍 Scan for this CVE
Summary

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion

Description

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.

CVSS Score
9.3
Critical
EPSS Score
0.0
Exploit Probability
Published Date
2025-07-15
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is High Risk - more severe than 88.7% of all 335,456 vulnerabilities in our database.

#38,042
Top 25% most severe
Severity Percentile
🎯 CISA SSVC Assessment Updated: Jul 15, 2025
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2025-07-15
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE IDs (Weakness Types)

📦 Affected Products 9

🔗 References 1

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-41722 ⚠️ high 8.0 0.3 VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with ... 2026-06-08
CVE-2026-41723 ⚠️ high 8.0 0.3 VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with ... 2026-06-08
CVE-2026-41724 ⚠️ high 8.0 0.2 VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with ... 2026-06-08
CVE-2026-41702 ⚠️ high 7.8 0.0 VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by ... 2026-05-15
CVE-2026-22719 ⚠️ high 8.1 7.4 VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this is... 2026-02-25
CVE-2026-22720 ⚠️ high 8.0 0.1 VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create... 2026-02-25
These CVEs affect the same products