CVEFinder.io

CVE-2025-41238

β›” critical
πŸ” Scan for this CVE
Summary

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.Β A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead

Description

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.Β A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.

CVSS Score
9.3
Critical
EPSS Score
0.0
Exploit Probability
Published Date
2025-07-15
First Seen: 2026-01-05
πŸ“Š Relative Risk Intelligence

This CVE is High Risk - more severe than 88.5% of all 322,079 vulnerabilities in our database.

#36,896
Top 25% most severe
Severity Percentile
🎯 CISA SSVC Assessment Updated: Jul 15, 2025
πŸ” Exploitation Status
None
No known exploits
βš™οΈ Automatable
NO
Requires human interaction
πŸ’₯ Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2025-07-15
Source NVD πŸ”—
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-787

πŸ“¦ Affected Products 8

Vendor Product Status Affected Versions
vmware workstation Affected
≥ 17.x < 17.6.4
vmware fusion Affected
≥ 13.x < 13.6.4
vmware esxi Affected
≥ 7.0 < ESXi70U3w-24784741
vmware esxi Affected
≥ 8.0 < ESXi80U2e-24789317
vmware esxi Affected
≥ 8.0 < ESXi80U3f-24784735
vmware cloud_foundation Affected
v5.x,_4.5.x
vmware telco_cloud_platform Affected
v5.x,_4.x,_3.x,_2.x
vmware telco_cloud_infrastructure Affected
v3.x,_2.x

πŸ”— References 1

https://support.broadcom.com/web/ecx/support-content...

πŸ”— Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-41702 ⚠️ high 7.8 0.0 VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by ... 2026-05-15
CVE-2026-22719 ⚠️ high 8.1 7.4 VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this is... 2026-02-25
CVE-2026-22720 ⚠️ high 8.0 0.1 VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create... 2026-02-25
CVE-2026-22721 πŸ”Ά medium 6.2 0.1 VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to ac... 2026-02-25
CVE-2025-41244 ⚠️ high 7.8 1.0 VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor wit... 2025-09-29
CVE-2025-41250 ⚠️ high 8.5 0.1 VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on... 2025-09-29
These CVEs affect the same products