Serial number: AV25-286
Date: May 20, 2025
On May 20, 2025, VMware released security advisories to address vulnerabilities in the following products:
- vCenter Server – versions 7.0 and 8.0
- VMware ESXi – versions 7.0 and 8.0
- VMware Cloud Foundation (vCenter) – versions 4.5.x and 5.x
- VMware Cloud Foundation (ESXi) – versions 4.5.x and 5.x
- VMware Fusion – versions 13.x
- VMware Telco Cloud Platform (ESXi) – versions 2.x, 3.x, 4.x and 5.x
- VMware Telco Cloud Infrastructure (ESXi) – versions 2.x and 3.x
- VMware Telco Cloud Platform (vCenter) – versions 2.x, 3.x, 4.x and 5.
- VMware Telco Cloud Infrastructure (vCenter) – versions 2.x and 3.x
- VMware Workstation – versions 13.x and 17.x
The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.
- VMSA-2025-0009 : VMware Cloud Foundation updates address multiple vulnerabilities (CVE-2025-41229, CVE-2025-41230, CVE-2025-41231)
- VMSA-2025-0010 : VMware ESXi, vCenter Server, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)
- Security Advisories - VMware Cloud Foundation