cbcvebase.
CVE-2025-41227
published 2025-05-20

CVE-2025-41227: VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative…

medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.

Affected

7 ranges
VendorProductVersion rangeFixed in
vmwarecloud_foundation
vmwareesxi>= 7.0 < ESXi70U3sv-24723868ESXi70U3sv-24723868
vmwareesxi>= 8.0 < ESXi80U3se-24659227ESXi80U3se-24659227
vmwarefusion>= 13.x < 13.6.313.6.3
vmwaretelco_cloud_infrastructure
vmwaretelco_cloud_platform
vmwareworkstation>= 17.x < 17.6.317.6.3