VMware security advisory (AV25-263)

Serial number: AV25-263
Date: May 12, 2025

On May 12, 2025, VMware released a security advisory to address a vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the following products:

• VMware Aria Automation – version 8.18.x
• VMware Cloud Foundation – version 4.x and 5.x
• VMware Telco Cloud Platform – version 5.x

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• MSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)
• Security Advisories - VMware Cloud Foundation