High-Severity VMware NSX Vulnerabilities Patched by Broadcom

1 unique source, 1 article

Summary

Broadcom has released security updates to address two high-severity vulnerabilities in VMware NSX that were reported by the U.S. National Security Agency (NSA). CVE-2025-41251 is a flaw in the password recovery mechanism, and CVE-2025-41252 is a username enumeration flaw. Both can be exploited by unauthenticated attackers to enumerate valid usernames, potentially leading to brute-force attacks or unauthorized access. VMware NSX is a network virtualization solution within VMware Cloud Foundation that enables the deployment of traditional and modern applications in private and hybrid clouds. The vulnerabilities highlight the ongoing risk of state-sponsored and cybercriminal exploitation of VMware products.

Timeline

  1. 30.09.2025 15:10 · 1 article

    Broadcom patches high-severity VMware NSX vulnerabilities

    Broadcom released security updates to fix two high-severity vulnerabilities in VMware NSX that were reported by the NSA. CVE-2025-41251 is a flaw in the password recovery mechanism, and CVE-2025-41252 is a username enumeration flaw. Both can be exploited by unauthenticated attackers to enumerate valid usernames, potentially leading to brute-force attacks or unauthorized access. Additionally, Broadcom patched a high-severity SMTP header injection vulnerability in VMware vCenter and disclosed three more security flaws in VMware Aria Operations and VMware Tools.

Information Snippets