Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

VMware vCenter Server and NSX multiple vulnerabilities

Vulnerability
First reported
Last updated
Happening score
H score 23
1 unique sources, 1 articles

Summary

Hide ▲

Broadcom's VMware vCenter Server and NSX fixes address multiple high-severity vulnerabilities that could enable unauthorized login attempts, privilege escalation, and sensitive communication redirection across enterprise and telecom deployments. The set includes CVE-2025-41250, an SMTP header injection flaw in vCenter with CVSSv3 8.5, plus CVE-2025-41251 and CVE-2025-41252, which let unauthenticated attackers enumerate valid usernames in NSX. Broadcom said no workarounds are available and urged administrators to install the fixed versions immediately.

Related Happenings

CISA KEV remediation deadline for CVE-2026-22719

Public Sector Action
First: 04.03.2026 06:35 Last: 04.03.2026 06:35 Sources 1

About this happening: The **U.S. Cybersecurity and Infrastructure Security Agency (CISA)** added **CVE-2026-22719** to the **Known Exploited Vulnerabilities (KEV) catalog**, requiring **Federal Civilia...

Open Happening

VMware ESXi arbitrary-write sandbox escape (CVE-2025-22225)

Vulnerability
First: 04.02.2026 19:38 Last: 04.02.2026 19:38 Sources 1

About this happening: **CVE-2025-22225** is now confirmed in **ransomware campaigns**, making the **VMware ESXi** sandbox-escape flaw an active risk for exposed virtualization hosts. **Broadcom** patch...

Open Happening

Broadcom VMware vCenter Server and Cloud Foundation patch advisory (CVE-2024-37079)

Advisory/Mitigation
First: 26.01.2026 13:49 Last: 26.01.2026 13:49 Sources 1

About this happening: **Broadcom** told customers to apply security patches for **CVE-2024-37079** in **vCenter Server** and **Cloud Foundation**, after the flaw was tied to **active exploitation** and...

Open Happening

Broadcom VMware vCenter Server DCE/RPC heap overflow actively exploited remote code execution flaw (CVE-2024-37079)

Vulnerability
First: 24.01.2026 10:09 Last: 24.01.2026 10:09 Sources 1

About this happening: **CISA** added **CVE-2024-37079** affecting **Broadcom VMware vCenter Server** to its **KEV catalog** after confirming **active exploitation in the wild**. The critical **DCE/RPC...

Open Happening

Warp Panda Brickstorm VMware vCenter targeting campaign

Campaign
First: 04.12.2025 20:19 Last: 04.12.2025 20:19 Sources 1

About this happening: A **Warp Panda** targeting campaign using **Brickstorm** reached **VMware vCenter** servers on the networks of **U.S. legal, technology, and manufacturing companies** throughout *...

Open Happening

Timeline

  1. 01.10.2025 18:45 2 articles · 7mo ago

    Broadcom discloses VMware vCenter and NSX security updates

    Initial Disclosure

    Broadcom released security updates for VMware NSX and VMware vCenter Server to address CVE-2025-41250, CVE-2025-41251, and CVE-2025-41252 across VMware Cloud Foundation, NSX-T, VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure. CVE-2025-41250 is an SMTP header injection bug in vCenter with a CVSSv3 base score of 8.5, no known workarounds, and a recommendation to install fixed versions immediately, while the two NSX flaws let unauthenticated attackers enumerate valid usernames and may support brute-force or unauthorized login attempts. Broadcom also disclosed CVE-2025-41244, CVE-2025-41245, and CVE-2025-41246 in VMware Aria Operations and VMware Tools, which could enable root privilege escalation, credential theft, or guest VM access.

    Show sources
    Open in new tab