6.8
CVE-2025-41226
- EPSS 0.13%
- Veröffentlicht 20.05.2025 14:24:24
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle security@vmware.com
- CVE-Watchlists
- Unerledigt
Guest Operations Denial-of-Service Vulnerability
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerVMware
≫
Produkt
ESXi
Default Statusunaffected
Version
8.0
Version <
ESXi80U3se-24659227
Status
affected
Version
7.0
Version <
ESXi70U3sv-24723868
Status
affected
HerstellerVMware
≫
Produkt
Cloud Foundation
Default Statusunaffected
Version
5.x, 4.5.x
Status
affected
HerstellerVMware
≫
Produkt
Telco Cloud Platform
Default Statusunaffected
Version
5.x, 4.x, 3.x, 2.x
Status
affected
HerstellerVMware
≫
Produkt
Telco Cloud Infrastructure
Default Statusunaffected
Version
3.x, 2.x
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.321 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@vmware.com | 6.8 | 2.3 | 4 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.