CVE-2025-41241

Published: Jul 29, 2025Modified: Jul 29, 2025

4.4

Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.7 / Impact: 3.6

Source: security@vmware.com (Secondary)

Description

VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition.

Related CWEs

CWE-754

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (1)

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35964

Source: security@vmware.com

Timeline

No history available yet.