5.5
CVE-2025-41227
- EPSS 0.03%
- Published 20.05.2025 14:24:29
- Last modified 21.05.2025 20:25:16
- Source security@vmware.com
- Teams watchlist Login
- Open Login
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorVMware
≫
Product
ESXi
Default Statusunaffected
Version <
ESXi80U3se-24659227
Version
8.0
Status
affected
Version <
ESXi70U3sv-24723868
Version
7.0
Status
affected
VendorVMware
≫
Product
Cloud Foundation
Default Statusunaffected
Version
5.x, 4.5.x
Status
affected
VendorVMware
≫
Product
Telco Cloud Platform
Default Statusunaffected
Version
5.x, 4.x, 3.x, 2.x
Status
affected
VendorVMware
≫
Product
Telco Cloud Infrastructure
Default Statusunaffected
Version
3.x, 2.x
Status
affected
VendorVMware
≫
Product
Workstation
Default Statusunaffected
Version <
17.6.3
Version
17.x
Status
affected
VendorVMware
≫
Product
Fusion
Default Statusunaffected
Version <
13.6.3
Version
13.x
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.07 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| security@vmware.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.