• mehdi@mkvlab.at

VMSA-2025-0012 – VMware NSX – Multiple Vulnerabilities

VMware by Broadcom has released VMware NSX updates that address three vulnerabilities: CVE-2025-22243, CVE-2025-22244, and CVE-2025-22245. The vulnerabilities were privately reported to VMware, and updates are available to remediate them in affected VMware products.

Impacted Products

  • VMware NSX
  • VMware Cloud Foundation
  • VMware Telco Cloud Platform

CVE-2025-22243 | Stored Cross-Site Scripting (XSS) vulnerability in Manager-UI

Description:
VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5. A malicious actor with privileges to create or modify network settings may be able to inject malicious code that gets executed when viewing the network settings.

Resolution:
To remediate CVE-2025-22243, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.

CVE-2025-22244 | Stored Cross-Site Scripting (XSS) vulnerability in gateway firewall

Description:
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.9. A malicious actor with access to create or modify the response page for URL filtering may be able to inject malicious code that gets executed when another user tries to access the filtered website.

Resolution:
To remediate CVE-2025-22244, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.

CVE-2025-22245 | Stored Cross-Site Scripting (XSS) vulnerability in router port

Description:
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9. A malicious actor with privileges to create or modify router ports may be able to inject malicious code that gets executed when another user tries to access the router port.

Resolution:
To remediate CVE-2025-22245, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.

Response Matrix: 

| VMware Product | Version | CVE | Severity | Fixed Version | Workarounds |
|---|---|---|---|---|---|
| VMware NSX | 4.2.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | 4.2.2.1 | None |
| VMware NSX | 4.2.1.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | 4.2.1.4 | None |
| VMware NSX | 4.1.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | 4.1.2.6 | None |
| VMware NSX | 4.0.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | 4.1.2.6 | None |
| VMware Cloud Foundation | 5.2.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | Async patch to NSX 4.2.2.1 | None |
| VMware Cloud Foundation | 5.1.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | Async patch to NSX 4.1.2.6 | None |
| VMware Cloud Foundation | 5.0.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | Async patch to NSX 4.1.2.6 | None |
| VMware Telco Cloud Infrastructure | 3.x, 2.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | KB396986 | None |
| VMware Telco Cloud Platform | 5.x, 4.x, 3.x | CVE-2025-22243, CVE-2025-22244, CVE-2025-22245 | Important | KB396986 | None |
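
For triaging an inventory against the VMware NSX rows of the Response Matrix above, here is an added example (not part of the original advisory and not Broadcom tooling). It assumes that a version at or above the Fixed Version on the same branch is remediated and that any fields after the fourth (such as a build number) can be ignored; the host names and versions in the sample inventory are constructed.

```python
# Added example: NSX rows transcribed from the Response Matrix above.
# Each entry is (affected branch prefix, fixed version). The more specific
# 4.2.1.x row is listed before 4.2.x so it is matched first.
NSX_MATRIX = [
    ((4, 2, 1), (4, 2, 1, 4)),
    ((4, 2), (4, 2, 2, 1)),
    ((4, 1), (4, 1, 2, 6)),
    ((4, 0), (4, 1, 2, 6)),
]


def parse_version(text):
    """Turn '4.2.1.3' (optionally followed by more fields) into a 4-int tuple."""
    fields = text.strip().split(".")[:4]
    if not all(f.isdigit() for f in fields):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = [int(f) for f in fields]
    return tuple(nums + [0] * (4 - len(nums)))  # pad short versions with zeros


def triage(version_text):
    """Return (status, fixed_version) for one NSX version string.

    status is 'vulnerable', 'patched', or 'not-in-matrix' (the advisory
    makes no statement about branches it does not list).
    """
    version = parse_version(version_text)
    for branch, fixed in NSX_MATRIX:
        if version[:len(branch)] == branch:
            # Assumption: at or above the fixed version means remediated.
            status = "patched" if version >= fixed else "vulnerable"
            return status, ".".join(map(str, fixed))
    return "not-in-matrix", None


def triage_inventory(inventory):
    """Map each host name to its (status, fixed_version) result."""
    return {host: triage(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; host names and versions are hypothetical.
    sample = {
        "nsx-mgr-01": "4.2.1.3",
        "nsx-mgr-02": "4.2.2.1",
        "nsx-mgr-03": "4.0.1.1",
        "nsx-mgr-04": "4.1.2.5.0.12345678",
    }
    for host, (status, fixed) in triage_inventory(sample).items():
        print(f"{host}: {status}" + (f" (fixed in {fixed})" if fixed else ""))
```
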

You can also check my VMware Product Release page for more information regarding released products, release notes, and download links.

Sources:
Broadcom Blog Post
