Summary

Vulnerability NameVMware vCenter Server Authenticated Command-Execution Vulnerability (CVE-2025-41225)
Released onMay 21, 2025
Affected ComponentVMware vCenter
Affected Version

vCenter Server 7.0 < 7.0 U3v

vCenter Server 8.0 < 8.0 U3e

Vulnerability TypeCommand execution
Exploitation Condition
  1. User authentication: required.
  2. Precondition: default configurations.
  3. Trigger mode: remote.
Impact

Exploitation difficulty: easy. Attackers with specific privileges can exploit this vulnerability to execute arbitrary commands.

Severity: high-risk. This vulnerability may lead to arbitrary command execution.

Official SolutionAvailable

About the Vulnerability

Component Introduction VMware vCenter is a type of advanced server management software that provides a centralized platform for controlling vSphere environments for visibility across hybrid clouds. Vulnerability Description On May 21, 2025, Sangfor FarSight Labs received notification of the authenticated command-execution vulnerability in VMware vCenter (CVE-2025-41225), classified as high-risk in threat level. Specifically, VMware vCenter Server contains a command execution vulnerability. Attackers with privileges to create or modify alarms and run scripts can exploit this vulnerability to run arbitrary commands on the vCenter Server, leading to server compromises.

Affected Versions

The following VMware vCenter versions are affected: vCenter Server 7.0 < 7.0 U3v vCenter Server 8.0 < 8.0 U3e vCenter Server of other earlier versions that are no longer maintained

Solutions

Official Solution

Security patches have been officially released to fix the vulnerability. Affected users are advised to apply one of the following patches at the earliest opportunity:

vCenter Server 7.0 U3v

vCenter Server 8.0 U3e

Since other earlier versions of vCenter Server are also affected, users of such versions are advised to apply the 7.0 or 8.0 security patch as needed.

Download links:

https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/vcenter-server-update-and-patch-release-notes/vsphere-vcenter-server-80u3e-release-notes.html
https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/vcenter-server-update-and-patch-releases/vsphere-vcenter-server-70u3v-release-notes.html

Sangfor Solutions

Risky Asset Discovery

The following Sangfor products can conduct proactive detection on VMware vCenter to discover affected assets in batches in business scenarios:

Sangfor Host Security: The corresponding asset discovery solution has been released. The fingerprint ID is 0010456.

Sangfor TSS: The corresponding asset discovery solution has been released. The fingerprint ID is 0010456.

Timeline

On May 21, 2025, Sangfor FarSight Labs received notification of the authenticated command-execution vulnerability in VMware vCenter (CVE-2025-41225).

On May 21, 2025, Sangfor FarSight Labs released a vulnerability alert.

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717

Learn More

Sangfor FarSight Labs researches the latest cyber threats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyber threats, providing fast and easy protection for customers.

Listen To This Post

Search

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Name
Email Address
Business Phone Number
Tell us about your project requirements

Related Articles

CVE-2025-5419: Out-of-Bounds Read/Write Vulnerability in V8 in Google Chrome

Date : 03 Jun 2025
Read Now

Roundup of Microsoft Patch Tuesday (May 2025)

Date : 15 May 2025
Read Now

CVE-2025-31644: Command Injection in Appliance Mode in F5 BIG-IP

Date : 14 May 2025
Read Now

See Other Product

Cyber Command - NDR Platform
Endpoint Secure
Internet Access Gateway (IAG)
Sangfor Network Secure - Next Generation Firewall
Platform-X
Sangfor Access Secure - A SASE Solution