CVE-2025-41226
Guest Operations Denial-of-Service Vulnerability
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.8EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
20 may 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Productos afectados
VMware · Cloud FoundationVMware · ESXiVMware · Telco Cloud InfrastructureVMware · Telco Cloud Platform¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →