Overview Recently, NSFOCUS CERT detected that VMware issued a security bulletin to fix the command execution vulnerability (CVE-2025-41225) of VMware vCenter Server; Due to an authenticated command execution vulnerability in VMware vCenter Server, an attacker with permissions to create or modify alerts and run scripts can exploit this vulnerability to...
Tag: VMware
VMware ESXi & Workstation & Fusion Multiple High-risk Vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226)
Overview Recently, NSFOCUS CERT detected that VMware issued a security announcement and fixed multiple high-risk vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226) in VMware ESXi&Workstation&Fusion. At present, all the 3 vulnerabilities have been found to be exploited in the wild. Please take protective measures as soon as possible. CVE-2025-22224: There is a TOCTOU (CheckTime-of-use) write...
VMware Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)
Overview Recently, NSFOCUS CERT detected an Authentication Bypass vulnerability in VMware Aria Operations for Networks. Due to the lack of unique cryptographic key generation, Aria Operations for Networks is susceptible to an authentication bypass vulnerability. Attackers with network access to Aria Operations for Networks could bypass SSH authentication to gain...
VMware vCenter Server Multiple High Risk Vulnerabilities Notification
Overview Recently, NSFOCUS CERT found that VMware's official security announcement disclosed multiple vulnerabilities in VMware vCenter Server, which could be used by attackers to cause remote code execution, cross-border write and read, etc. Currently, the official version has been updated and fixed. Affected users should take protective measures as soon...
VMware Aria Operations for Networks Remote Code Execution Vulnerability (CVS 2023-20887) Notification
Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in VMware Aria Operations for Networks. Due to a specific flaw in the createSupportBundle method, the string entered by the user is not properly validated when executing system calls. Unauthenticated remote attackers can exploit this vulnerability through command injection, ultimately...
VMware Carbon Black App Control Remote Code Execution Vulnerability (CVE-2023-20858) Notification
Overview Recently, NSFOCUS CERT found that VMware has officially fixed an App Control injection vulnerability (CVE-2023-20858). Due to flaws in product verification of user-input content, attackers with App Control management console permissions can access the underlying server operating system by entering specially crafted data, and ultimately achieve arbitrary code execution...
