Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. High-Severity Vulnerability in VMware vCenter Server
Alerts

High-Severity Vulnerability in VMware vCenter Server

26 May 2025

Broadcom has released security updates addressing a vulnerability in VMware vCenter Server. Users and administrators of affected products are advised to update to the latest versions.

High-Severity Vulnerability in VMware vCenter Server

Background

Broadcom has released security updates addressing a vulnerability (CVE-2025-41225) in VMware vCenter Server.

Impact

Successful exploitation of the vulnerability could allow an authenticated attacker, with privileges to create or modify alarms and execute script action, to execute arbitrary commands on the vulnerable server.

Affected Products

The vulnerability affects the following products:

  • vCenter Server versions 7.0 and 8.0

  • VMware Cloud Foundation versions 4.5.x and 5.x

  • VMware Telco Cloud Platform versions 2.x, 3.x, 4.x and 5.x

  • VMware Telco Cloud Infrastructure versions 2.x and 3.x

Mitigation

Users and administrators of affected products are advised to update to the latest versions.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-41225

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717

https://cybersecuritynews.com/vmware-esxi-vcenter-vulnerability/amp/


Back to top