- Description
- VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
- Source
- security@vmware.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.1
- Impact score
- 4
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
- security@vmware.com
- CWE-908
- Hype score
- Not currently trending
VMSA-2025-0013: VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239) Classification: Critical Solution: Official Fix Exploit Maturity: Not Defined Issue date: 2025-07-15 CVSSv3 htt
@endi24
16 Jul 2025
893 Impressions
3 Retweets
4 Likes
4 Bookmarks
2 Replies
0 Quotes
⚠️ VMware ESXi & Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host Read more: https://t.co/LIl3CHzuTP 1. VMware patched CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239 targeting VMXNET3, VMCI, PVSCSI, and vSockets components.
@The_Cyber_News
16 Jul 2025
1237 Impressions
5 Retweets
16 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-41239 VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicio… https://t.co/mUohSaHYGK
@CVEnew
15 Jul 2025
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes