VMSA-2025-0016 – VMware vCenter and NSX – Multiple Vulnerabilities
VMware by Broadcom has released VMware vCenter and NSX updates to address multiple vulnerabilities: CVE-2025-41250, CVE-2025-41251 and CVE-2025-41252. The vulnerabilities were privately reported to Broadcom. Updates are available to remediate them in the affected Broadcom products.
Impacted Products
- VMware NSX
- NSX-T
- VMware Cloud Foundation
- VMware vCenter Server
- VMware Telco Cloud Platform
- VMware Telco Cloud Infrastructure
CVE-2025-41250 | vCenter SMTP header injection vulnerability
Description:
VMware vCenter contains an SMTP header injection vulnerability. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks.
Resolution:
To remediate CVE-2025-41250, apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below.
Response Matrix CVE-2025-41250:
| VMware Product | Component | Version | CVE | Severity | Fixed Version | Workarounds | Additional Documentation |
|---|---|---|---|---|---|---|---|
| VMware Cloud Foundation, VMware vSphere Foundation | vCenter | 9.x.x.x | CVE-2025-41250 | Important | 9.0.1.0 | None | None |
| VMware vCenter | N/A | 8.0 | CVE-2025-41250 | Important | 8.0 U3g | None | None |
| VMware vCenter | N/A | 7.0 | CVE-2025-41250 | Important | 7.0 U3w | None | |
| VMware Cloud Foundation | vCenter | 5.x | CVE-2025-41250 | Important | 5.2.2 | None | Async Patching Guide: KB88287 |
| VMware Cloud Foundation | vCenter | 4.5.x | CVE-2025-41250 | Important | Async patch to 7.0 U3w | None | Async Patching Guide: KB88287 |
| VMware Telco Cloud Platform | vCenter | 5.x, 4.x, 3.x, 2.x | CVE-2025-41250 | Important | KB411508 | None | None |
| VMware Telco Cloud Infrastructure | vCenter | 3.x, 2.x | CVE-2025-41250 | Important | KB411508 | None | None |
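
As an added illustration (example code, not vCenter's implementation and not part of the advisory), the following Python shows the header-injection class that CVE-2025-41250 belongs to: a user-supplied scheduled-task name is copied into the Subject header of a notification e-mail without validation, so any CR/LF sequence in the name becomes extra headers. A hardened builder that rejects control characters sits beside it. The task name, addresses and message layout are constructed for the example.

```python
"""Illustration of the SMTP header-injection class behind CVE-2025-41250:
a user-controlled string (a scheduled-task name, assumed for the example)
is copied into a notification e-mail header. Example code, not vCenter's."""
from email.parser import Parser

SENDER = "noreply@example.invalid"  # constructed sender address

# Constructed sample input: a task name carrying CR/LF sequences. If it reaches a
# header unchecked, everything after the first CRLF is parsed as further headers
# chosen by whoever named the task (here a Bcc the sender never wrote).
CRLF_TASK_NAME = "Nightly backup\r\nBcc: listener@example.invalid\r\nX-Injected: yes"
CLEAN_TASK_NAME = "Nightly backup"


def build_notification_vulnerable(task_name: str, to_addr: str) -> str:
    """Headers built by string concatenation with no validation (the defect)."""
    return (
        f"From: {SENDER}\r\n"
        f"To: {to_addr}\r\n"
        f"Subject: Scheduled task '{task_name}' finished\r\n"
        "\r\n"
        "The scheduled task has completed.\r\n"
    )


def safe_header_value(value: str) -> str:
    """Reject CR, LF and every other ASCII control character before the value is
    placed in a header. Rejecting (rather than silently stripping) keeps the bad
    input visible in application logs."""
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        raise ValueError("header value contains control characters")
    return value


def build_notification_hardened(task_name: str, to_addr: str) -> str:
    """Same message, but every externally supplied value is validated first."""
    return (
        f"From: {SENDER}\r\n"
        f"To: {safe_header_value(to_addr)}\r\n"
        f"Subject: Scheduled task '{safe_header_value(task_name)}' finished\r\n"
        "\r\n"
        "The scheduled task has completed.\r\n"
    )


def header_names(raw_message: str) -> list:
    """Parse a raw RFC 5322 message the way a mail server would and return the
    header field names it sees, so the effect of the injection is visible."""
    return Parser().parsestr(raw_message).keys()


def injected_bcc(raw_message: str):
    """Return the Bcc value a mail server would act on, or None if absent."""
    return Parser().parsestr(raw_message).get("Bcc")


if __name__ == "__main__":
    raw = build_notification_vulnerable(CRLF_TASK_NAME, "admin@example.invalid")
    print("vulnerable build produced headers:", header_names(raw))
    print("Bcc a mail server would honour:", injected_bcc(raw))
    try:
        build_notification_hardened(CRLF_TASK_NAME, "admin@example.invalid")
    except ValueError as exc:
        print("hardened build rejected the task name:", exc)
```

Running the file shows the vulnerable builder yielding a Bcc and an X-Injected header that the application never wrote, while the hardened builder raises on the same input. The check belongs at the boundary where the externally supplied value is accepted, not only at send time; for vCenter itself the fix is the patched versions in the matrix above.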
CVE-2025-41251 | NSX weak password recovery mechanism vulnerability
Description:
VMware NSX contains a weak password recovery mechanism vulnerability. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.1. An unauthenticated malicious actor may exploit this vulnerability to enumerate valid usernames, potentially leading to brute-force attacks.
Resolution:
To remediate CVE-2025-41251, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.
CVE-2025-41252 | NSX username enumeration vulnerability
Description:
VMware NSX contains a username enumeration vulnerability. Broadcom has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5. An unauthenticated malicious actor may exploit this vulnerability to enumerate valid usernames, potentially leading to unauthorized access attempts.
Resolution:
To remediate CVE-2025-41252, apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below to affected deployments.
Response Matrix CVE-2025-41251 & CVE-2025-41252:
| VMware Product | Component | Version | CVE | Severity | Fixed Version | Workarounds | Additional Documentation |
|---|---|---|---|---|---|---|---|
| VMware Cloud Foundation, VMware vSphere Foundation | VMware NSX | 9.x.x.x | CVE-2025-41251, CVE-2025-41252 | Important | 9.0.1.0 | None | None |
| VMware NSX | N/A | 4.2.x | CVE-2025-41251, CVE-2025-41252 | Important | 4.2.2.2, 4.2.3.1 | None | None |
| VMware NSX | N/A | 4.1.x, 4.0.x | CVE-2025-41251, CVE-2025-41252 | Important | 4.1.2.7 | None | None |
| NSX-T | N/A | 3.x | CVE-2025-41251, CVE-2025-41252 | Important | 3.2.4.3 | None | None |
| VMware Cloud Foundation | VMware NSX | 5.x | CVE-2025-41251, CVE-2025-41252 | Important | KB88287 | None | Async Patching Guide: KB88287 |
| VMware Cloud Foundation | VMware NSX | 4.5.x | CVE-2025-41251, CVE-2025-41252 | Important | KB88287 | None | Async Patching Guide: KB88287 |
| VMware Telco Cloud Infrastructure | VMware NSX | 3.x, 2.x | CVE-2025-41251, CVE-2025-41252 | Important | KB411518 | None | None |
| VMware Telco Cloud Platform | VMware NSX | 5.x, 4.x, 3.x | CVE-2025-41251, CVE-2025-41252 | Important | KB411518 | None | None |
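
CVE-2025-41251 and CVE-2025-41252 both let an unauthenticated caller learn which usernames exist, on the password-recovery path and on the authentication path respectively. With no workaround listed, the practical complement to patching is detecting the traffic pattern itself: one source submitting many distinct usernames to those endpoints in a short window. The Python below is an added example, not NSX's own tooling; the log line format and the sample lines are constructed, and the endpoint names are assumptions.

```python
"""Enumeration detection: flag a source that submits many distinct usernames
to an authentication or password-recovery endpoint within a short window.
Added example; the log line format below is constructed, not NSX's."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: "<timestamp> <source> <endpoint> <username> <http status>".
# The enumerating source (203.0.113.7) receives 200 on every probe, which is
# exactly why an alert keyed on failed logins would miss it.
SAMPLE_LOG = """\
2025-01-15T10:00:01Z 203.0.113.7 password-recovery alice 200
2025-01-15T10:00:03Z 203.0.113.7 password-recovery bob 200
2025-01-15T10:00:05Z 203.0.113.7 password-recovery carol 200
2025-01-15T10:00:06Z 203.0.113.7 password-recovery dave 200
2025-01-15T10:00:08Z 203.0.113.7 password-recovery erin 200
2025-01-15T10:00:09Z 203.0.113.7 password-recovery frank 200
2025-01-15T10:01:10Z 198.51.100.4 login alice 401
2025-01-15T10:01:15Z 198.51.100.4 login alice 401
2025-01-15T10:01:20Z 198.51.100.4 login alice 200
2025-01-15T10:05:00Z 203.0.113.9 login ops1 401
2025-01-15T10:08:00Z 203.0.113.9 login ops2 401
2025-01-15T10:12:00Z 203.0.113.9 login ops3 401
"""


def parse_events(text: str) -> list:
    """Turn log text into (timestamp, source, endpoint, username) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, source, endpoint, username, _status = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                       source, endpoint, username))
    return events


def detect_enumeration(events, threshold=5, window=timedelta(seconds=60)):
    """Sliding window per (source, endpoint): alert once the number of distinct
    usernames seen inside `window` reaches `threshold`. Status codes are
    deliberately ignored: an enumeration endpoint may answer 200 to every probe."""
    by_key = defaultdict(list)
    for ts, source, endpoint, username in events:
        by_key[(source, endpoint)].append((ts, username))

    alerts = []
    for (source, endpoint), seq in by_key.items():
        seq.sort()
        start = 0
        for end, (ts, _) in enumerate(seq):
            while ts - seq[start][0] > window:  # drop events older than the window
                start += 1
            distinct = {u for _, u in seq[start:end + 1]}
            if len(distinct) >= threshold:
                alerts.append({
                    "source": source,
                    "endpoint": endpoint,
                    "distinct_users": len(distinct),
                    "first_seen": seq[start][0],
                    "last_seen": ts,
                })
                break  # one alert per source/endpoint is enough for triage
    return alerts


if __name__ == "__main__":
    for alert in detect_enumeration(parse_events(SAMPLE_LOG)):
        print(f"{alert['source']} -> {alert['endpoint']}: "
              f"{alert['distinct_users']} distinct usernames between "
              f"{alert['first_seen']:%H:%M:%S} and {alert['last_seen']:%H:%M:%S}")
```

On the sample data only 203.0.113.7 is flagged: the user retrying one account from 198.51.100.4 and the slow, three-name sequence from 203.0.113.9 stay below the threshold. Threshold and window are tuning knobs for the environment; the detection is a compensating control, and the root cause is removed only by the fixed versions in the matrix above.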
You can also check my VMware Product Release page for more information regarding released products, release notes, and download links.
Sources:
Broadcom Blog Post
