Broadcom has issued an urgent advisory addressing four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools, three of them rated Critical with a CVSS score of 9.3 and one rated Important. The flaws were reported through the Pwn2Own contest and pose a significant risk to organizations running virtualized infrastructure, because the three critical issues each allow a malicious or compromised guest to execute code in a host-side process.
CVE-2025-41236 – Integer Overflow in VMXNET3 (CVSS 9.3)
This flaw affects the VMXNET3 virtual network adapter emulation in ESXi, Workstation, and Fusion. An attacker with local administrative privileges inside a guest could trigger the overflow to execute code as that VM's VMX process on the host, which makes it a guest-to-host escape. Only VMs configured with a VMXNET3 adapter can reach the affected code; guests using other virtual adapters are unaffected, although the host still needs the fix before any guest is given that adapter.
CVE-2025-41237 – Integer Underflow in VMCI (CVSS 9.3)
A critical integer underflow in VMCI (Virtual Machine Communication Interface) leads to an out-of-bounds write. An attacker with local administrative privileges on a virtual machine could exploit it to execute code as the VM's VMX process on the host, a severe escalation with host compromise implications.
“On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed,” Broadcom clarified.
CVE-2025-41238 – Heap Overflow in PVSCSI (CVSS 9.3)
A heap overflow in the Paravirtualized SCSI (PVSCSI) controller emulation lets an attacker with local administrative privileges in the guest write out of bounds and potentially execute code as the VMX process on the host. The affected code is the PVSCSI device emulation, so it is reachable only from guests that have a PVSCSI controller configured.
“On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported,” the advisory notes. Workstation and Fusion, which lack that sandbox, are at higher risk: exploitation there can lead to code execution on the machine where the hypervisor is installed.
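Because two of the host-side bugs are reachable only through specific virtual devices (VMXNET3 for CVE-2025-41236, PVSCSI for CVE-2025-41238), it is worth inventorying which guests expose them before the patch window opens. The script below is an added example, not code from Broadcom or from the advisory; it reads the standard ethernetN.virtualDev and scsiN.virtualDev keys from .vmx files and runs against constructed sample configs (the SAMPLE_ROOT directory and the two sample VMs web01 and legacy01 are assumptions for illustration).

```shell
#!/bin/sh
# Added example (not from the Broadcom advisory): list VMs whose .vmx
# config exposes the virtual devices patched in this advisory.
#   ethernetN.virtualDev = "vmxnet3"  -> CVE-2025-41236 (VMXNET3)
#   scsiN.virtualDev     = "pvscsi"   -> CVE-2025-41238 (PVSCSI)
# Patching the host is still the fix; this only tells you which guests
# can currently reach the affected device emulation.

# Print the exposed device tags for one .vmx file, space separated,
# or an empty line when neither device is configured.
vmx_exposed_devices() {
    vmx="$1"
    out=""
    if grep -Eiq '^ethernet[0-9]+\.virtualDev *= *"vmxnet3"' "$vmx"; then
        out="$out vmxnet3"
    fi
    if grep -Eiq '^scsi[0-9]+\.virtualDev *= *"pvscsi"' "$vmx"; then
        out="$out pvscsi"
    fi
    printf '%s\n' "${out# }"
}

# Walk a datastore root (e.g. /vmfs/volumes on ESXi) and print one line
# "path: devices" per VM that exposes at least one affected device.
scan_vmx_tree() {
    root="$1"
    find "$root" -name '*.vmx' -type f | sort | while IFS= read -r vmx; do
        devs=$(vmx_exposed_devices "$vmx")
        if [ -n "$devs" ]; then
            printf '%s: %s\n' "$vmx" "$devs"
        fi
    done
}

# Constructed sample configs (assumed names) so the script runs offline;
# on a real host point scan_vmx_tree at /vmfs/volumes instead.
SAMPLE_ROOT="${TMPDIR:-/tmp}/vmsa-sample-$$"
trap 'rm -rf "$SAMPLE_ROOT"' EXIT
mkdir -p "$SAMPLE_ROOT/web01" "$SAMPLE_ROOT/legacy01"
cat > "$SAMPLE_ROOT/web01/web01.vmx" <<'EOF'
displayName = "web01"
ethernet0.present = "TRUE"
ethernet0.virtualDev = "vmxnet3"
scsi0.present = "TRUE"
scsi0.virtualDev = "pvscsi"
EOF
cat > "$SAMPLE_ROOT/legacy01/legacy01.vmx" <<'EOF'
displayName = "legacy01"
ethernet0.present = "TRUE"
ethernet0.virtualDev = "e1000e"
scsi0.present = "TRUE"
scsi0.virtualDev = "lsilogic"
EOF

# Only web01 is reported: legacy01 uses e1000e and LSI Logic.
scan_vmx_tree "$SAMPLE_ROOT"
```

On an ESXi host, point scan_vmx_tree at /vmfs/volumes (or feed it the .vmx paths listed by vim-cmd vmsvc/getallvms). An empty result means no registered guest currently reaches the VMXNET3 or PVSCSI emulation; it says nothing about whether the host build is fixed, so the host still needs the release from the advisory matrix, and the VMCI and vSockets issues are not covered by this device check at all.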
CVE-2025-41239 – Information Disclosure in vSockets (CVSS 7.1)
This Important-severity vulnerability stems from the use of uninitialized memory in the vSockets component. An attacker with administrative privileges on a virtual machine may be able to leak memory from processes that communicate over vSockets. VMware Tools for Windows is affected by this issue as well, which is why Tools updates are part of the fix set.
“A malicious actor… may be able to exploit this issue to leak memory from processes,” Broadcom explained.
Remediation and Patch Guidance
Patches are available for all affected products. Fixed versions include:
- ESXi: fixed builds for the 7.x, 8.x, and 9.x lines (exact builds per line are in the advisory matrix)
- Workstation: 17.6.4
- Fusion: 13.6.4
- VMware Tools (Windows): 13.0.1.0, 12.5.3
The full matrix of affected and fixed versions is available in Broadcom’s official advisory (VMSA-2025-0013) and support pages. Verify the exact build on each host (for example with esxcli system version get on ESXi) against that matrix rather than relying on the major version, and remember that the Tools update is needed in Windows guests in addition to the hypervisor patch.
“Updates are available to remediate these vulnerabilities in affected Broadcom products,” the company announced, urging users to patch immediately.