Analysis Summary

CVE-2025-41239 CVSS:7.1

VMware ESXi, Workstation, Fusion, and VMware Tools could allow a local attacker to obtain sensitive information, caused by the usage of an uninitialised memory in vSockets. An attacker could exploit this issue to leak memory from processes communicating with vSockets.

CVE-2025-41238 CVSS:9.3

VMware ESXi, Workstation, and Fusion are vulnerable to a heap-based buffer overflow in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. An attacker could exploit this vulnerability to execute code on the host.

CVE-2025-41237 CVSS:9.3

VMware ESXi, Workstation, and Fusion could allow a local attacker to execute arbitrary code on the system, caused by an integer underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. An attacker could exploit this vulnerability to execute code on the host.

CVE-2025-41236 CVSS:9.3

VMware ESXi, Workstation, and Fusion could allow a local attacker to execute arbitrary code on the system, caused by an integer overflow in the VMXNET3 virtual network adapter. An attacker could exploit this vulnerability to execute code on the host.

Impact

• Gain Access
• Code Execution
• Buffer Overflow
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2025-41239

• CVE-2025-41238

• CVE-2025-41237

• CVE-2025-41236

Affected Vendors

Remediation

Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.

VMware Security Advisory