cbcvebase.
CVE-2025-41226
published 2025-05-20

CVE-2025-41226: VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a…

medium6.8CVSS 3.1
AVAACLPRLUINSCCNINAH
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.

Affected

5 ranges
VendorProductVersion rangeFixed in
vmwarecloud_foundation
vmwareesxi>= 7.0 < ESXi70U3sv-24723868ESXi70U3sv-24723868
vmwareesxi>= 8.0 < ESXi80U3se-24659227ESXi80U3se-24659227
vmwaretelco_cloud_infrastructure
vmwaretelco_cloud_platform