Loading

Lifecycle Services with VMware are Vulnerable to third-party Vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239)

Severity:
High,
Critical
Advisory ID:
SD1730
Data pubblicazione:
July 16, 2025
Ultimo aggiornamento:
July 16, 2025
Revision Number:
1.0
Known Exploited Vulnerability (KEV):
No
Corrected:
Workaround:
No
CVE IDs
CVE-2025-41236,
CVE-2025-41237,
CVE-2025-41238,
CVE-2025-41239
Download
The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:
JSON
JSON
JSON
JSON
Riepilogo

Published Date: 7/16/2025

Last updated:7/16/2025

Revision Number: 1.0

 

The security of our products is important to us as your chosen industrial automation supplier. This anomaly was found through a third-party advisory and is being reported based on our commitment to customer transparency and to  improve their business or production environments.

 

AFFECTED PRODUCTS AND SOLUTION

Affected Product

Affected Versions

Corrected in software version

Industrial Data Center (IDC) with VMware

Generations 1 – 4

Refer to Mitigations and Workarounds

VersaVirtual Appliance (VVA) with VMware

Series A & B

Refer to Mitigations and Workarounds

Threat Detection Managed Services (TDMS) with VMware

All

Refer to Mitigations and Workarounds

 

Endpoint Protection Service with Rockwell Automation Proxy & VMware only

All

Refer to Mitigations and Workarounds

 

Engineered and Integrated Solutions with VMware 

All

Refer to Broadcom’s advisory

 

 

Remediations and Workarounds

Users with an active Rockwell Automation Infrastructure Managed Service contract or Threat Detection Managed Service contract:

Rockwell Automation will contact impacted users to discuss actions needed for remediation efforts.

Users without Rockwell Automation managed services contract, refer to Broadcom’s advisories below :

·         Support Content Notification - Support Portal - Broadcom support portal

·         https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html

·         https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html

·         https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html

Additionally, users using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.   

·         Security Best Practices

 

VULNERABILITY DETAILS

Rockwell Automation used v3.1 and v4.0 of the CVSS scoring system to assess the following vulnerabilities.

CVE-2025-41236

An integer-overflow vulnerability exists in the VMXNET3 virtual network adapter used in VMware ESXi, Workstation, and Fusion. Exploitation of this vulnerability can lead to code execution on the host.

 

CVSS 3.1 Base Score: 9.3

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

 

CVSS 4.0 Base Score: 9.4

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Known Exploited Vulnerability (KEV) database:  No

 

CVE-2025-41237

An integer-underflow vulnerability exists in the Virtual Machine Communication Interface (VMCI) of VMware ESXi, Workstation, and Fusion, which can lead to an out-of-bounds write. Exploitation of this vulnerability can lead to code execution on the host.

CVSS 3.1 Base Score: 9.3

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H  

 

CVSS 4.0 Base Score: 9.4

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Known Exploited Vulnerability (KEV) database:  No

 

CVE-2025-41238

A heap-overflow vulnerability exists in the Paravirtualized SCSI (PVSCSI) controller of VMware ESXi, Workstation, and Fusion, which can lead to an out-of-bounds write.    Exploitation of this vulnerability can lead to code execution on the host.

CVSS 3.1 Base Score: 9.3

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H  

 

CVSS 4.0 Base Score: 9.4

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

 

Known Exploited Vulnerability (KEV) database:  No

 

CVE-2025-41239

An information disclosure vulnerability exists in vSockets due to the use of uninitialized memory in VMware ESXi, Workstation, Fusion, and VMware Tools.  Exploitation of this vulnerability can result in the leakage of memory from processes communicating with vSockets.

CVSS 3.1 Base Score: 7.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

 

CVSS 4.0 Base Score: 8.2

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Known Exploited Vulnerability (KEV) database:  No

 

Users can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.

 ADDITIONAL RESOURCES

The following link provides CVE information in Vulnerability Exploitability Exchange (VEX) format, which is machine readable and can be used to automate vulnerability management and tracking activities.    

 

 

Glossary:

  • VMXNET3: virtual network adapter optimized for VMware environments
  • VMware ESXi: hypervisor that enables virtualization of servers
  • VMware Workstation: desktop application that allows users to run multiple operating systems as virtual machines on a single PC
  • VMware Fusion: a macOS application that enables users to run Windows and other operating systems within a virtual environment
  • Code execution: an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target process
  • Known Exploited Vulnerability (KEV) database: an official list of security flaws that attackers have actively exploited

 

Copyright ©2022 Rockwell Automation, Inc.