VMSA-2025-0013: Security Updates for VMware ESXi, Workstation, Fusion, Tools

VMware by Broadcom published a security advisory on July 15, 2025 regarding several vulnerabilities in VMware ESXi, Workstation, Fusion and VMware Tools, which urgently need to be patched with security updates. It is unclear how users without a Broadcom account can access the updates.

I received the information hours ago from various readers (thanks for that), but it can also be found on the web and in the following tweet.

Vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools

VMware by Broadcom has announced in the security advisory VMSA-2025-0013 that there are several vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239) in VMware ESXi, Workstation, Fusion and VMware Tools. With CVSS base scores ranging from 7.1 to 9.3, some of the vulnerabilities are rated critical.

  • CVE-2025-41236 is a VMXNET3 integer overflow vulnerability (CVSSv3 score 9.3, critical). A malicious actor with local administrative privileges on a virtual machine with a VMXNET3 virtual network adapter can exploit this issue to execute code on the host. VMware ESXi, Workstation and Fusion are affected; virtual adapters other than VMXNET3 are not affected by this issue.
  • CVE-2025-41237 is a VMCI integer underflow vulnerability (CVSSv3 score 9.3, critical). A malicious actor with local administrative privileges on a virtual machine can exploit this issue to execute code as the virtual machine's VMX process on the host. On ESXi, exploitation is contained within the VMX sandbox, while on Workstation and Fusion it can lead to code execution on the machine where Workstation or Fusion is installed. VMware ESXi, Workstation and Fusion are affected by this integer underflow in VMCI (Virtual Machine Communication Interface), which leads to an out-of-bounds write.
  • CVE-2025-41238 is a PVSCSI heap overflow vulnerability (CVSSv3 score 9.3, critical). A malicious actor with local administrative privileges on a virtual machine can exploit this issue to execute code as the virtual machine's VMX process on the host. On ESXi, exploitation is contained within the VMX sandbox and is only possible with unsupported configurations. On Workstation and Fusion, it can lead to code execution on the machine where Workstation or Fusion is installed. VMware ESXi, Workstation and Fusion are affected by this out-of-bounds write.
  • CVE-2025-41239 is a vSockets information disclosure vulnerability (CVSSv3 score 7.1, important). A malicious actor with local administrative privileges on a virtual machine could read memory from processes communicating with vSockets and leak sensitive information. The use of uninitialized memory in vSockets affects VMware ESXi, Workstation, Fusion and VMware Tools.

VMware by Broadcom has published a table with links to the available updates in VMSA-2025-0013. However, accessing them requires a login to the Broadcom Support Portal.

The colleagues from deskmodder.de have referred to the release of VMware Workstation Pro 17.6.4, Fusion 13.6.4 and VMware Tools 13.0.1.0 in this article and have also linked the downloads for the security updates. VMware Tools 12.5.3 also fixes the vulnerabilities. The downloads (without an account) can be found via this link (thanks to Thorsten).
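For administrators who need to triage a VM estate against this advisory, the following Python helper (an added example, not code from the advisory or from Broadcom) compares installed versions against the fixed releases cited above and flags VMs whose VMXNET3 adapter exposes them to CVE-2025-41236. The inventory format and sample data are constructed assumptions; ESXi builds are not listed in this post, so ESXi hosts are not version-checked here.

```python
"""Patch-triage helper for VMSA-2025-0013 (added example, not from the advisory).
Fixed versions are the ones the post cites; ESXi builds are not in the post,
so ESXi hosts are not version-checked here. Inventory data is constructed."""

# Fixed release per product and major branch, as listed in the post above.
FIXED = {
    "workstation": {17: (17, 6, 4)},
    "fusion": {13: (13, 6, 4)},
    "tools": {13: (13, 0, 1, 0), 12: (12, 5, 3)},
}

def parse_version(text):
    """'12.5.3 build-12345' -> (12, 5, 3); a trailing build suffix is ignored."""
    head = text.strip().split()[0] if text.strip() else ""
    return tuple(int(p) for p in head.split(".") if p.isdigit())

def needs_update(product, version):
    """True when the installed version is below the fixed release of its branch.
    A branch with no fixed release on this page (e.g. Tools 11.x) is flagged too
    (assumption: unlisted or end-of-life, so escalate rather than ignore)."""
    v = parse_version(version)
    if not v:
        return True  # unparseable version: treat as unknown, escalate
    fixed = FIXED[product].get(v[0])
    if fixed is None:
        return True
    n = max(len(v), len(fixed))  # pad so 13.0.1 compares equal to 13.0.1.0
    return v + (0,) * (n - len(v)) < fixed + (0,) * (n - len(fixed))

def triage(inventory):
    """Return (vm_name, findings) for each VM that needs attention.
    Each entry is a constructed dict: name, VMware Tools version, list of NIC types."""
    out = []
    for vm in inventory:
        findings = []
        if needs_update("tools", vm["tools"]):
            findings.append("CVE-2025-41239: update VMware Tools")
        if any(nic.lower() == "vmxnet3" for nic in vm["nics"]):
            findings.append("CVE-2025-41236: VMXNET3 adapter present, patch host")
        if findings:
            out.append((vm["name"], findings))
    return out

# Constructed sample inventory (not real data).
SAMPLE = [
    {"name": "web01", "tools": "12.5.3", "nics": ["e1000e"]},
    {"name": "db01", "tools": "12.4.5 build-12345", "nics": ["vmxnet3"]},
    {"name": "app01", "tools": "13.0.0.0", "nics": ["vmxnet3", "e1000"]},
]
```

Running `triage(SAMPLE)` reports db01 and app01; web01 is on a fixed Tools release and has no VMXNET3 adapter, so it produces no finding.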
