Broadcom Product Security Update Advisory

Overview

 

We have released a security update to fix vulnerabilities in Broadcom products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-41244

 

VMware Cloud Foundation (VMware Cloud Foundation Operations) Version: 9.0.0.0 or later and less than 9.0.1.0
VMware vSphere Foundation (VMware Cloud Foundation Operations) Version: 9.0.0.0 or later and less than 9.0.1.0
VMware Cloud Foundation (VMware Tools) Version: 13.0.0.0 or later and less than 13.0.5.0
VMware vSphere Foundation (VMware Tools) Version: 13.0.0.0 or later and less than 13.0.5.0
VMware Aria Operations Version: 8.0 or later but less than 8.18.5
VMware Tools Version: 13.0.0 or later and less than 13.0.5
VMware Tools Version: 12.0.0 or later and less than 12.5.4
VMware Tools Version: 11.0.0 or later
VMware Cloud Foundation Version: 5.0 or later
VMware Cloud Foundation Version: 4.0 or later
VMware Telco Cloud Platform Version: 5.0 or later
VMware Telco Cloud Platform Version: 4.0 or later
VMware Telco Cloud Infrastructure Version: 3.0 or later
VMware Telco Cloud Infrastructure Version: 2.0 or later

 

CVE-2025-41246

 

VMware Cloud Foundation (VMware Tools) Version: 13.0.0.0 or later and less than 13.0.5.0
VMware vSphere Foundation (VMware Tools) Version: 13.0.0.0 or later and less than 13.0.5.0
VMware Tools Version: 13.0.0 or later but less than 13.0.5
VMware Tools Version: 12.0.0 or later but less than 12.5.4
VMware Tools Version: 11.0.0 or later

 

 

Resolved Vulnerabilities

 

Local privilege escalation vulnerability in VMware Aria Operations and VMware Tools (CVE-2025-41244)
Improper authorization vulnerability due to the way user access control is handled in VMware Tools for Windows (CVE-2025-41246)

 

 

Vulnerability Patches

Patches for these vulnerabilities are available in the latest updates. Follow the instructions on the referenced sites to update to the latest patched version.

 

CVE-2025-41244

 

VMware Cloud Foundation (VMware Cloud Foundation Operations) Version: 9.0.1.0
VMware vSphere Foundation (VMware Cloud Foundation Operations) Version: 9.0.1.0
VMware Cloud Foundation (VMware Tools) Version: 13.0.5.0
VMware vSphere Foundation (VMware Tools) Version: 13.0.5.0
VMware Aria Operations Version: 8.18.5
VMware Tools Version: 13.0.5
VMware Tools Version: 12.5.4
VMware Cloud Foundation Version: KB92148
VMware Telco Cloud Platform Version: 8.18.5
VMware Telco Cloud Infrastructure Version: 8.18.5

 

CVE-2025-41246

 

VMware Cloud Foundation (VMware Tools) Version: 13.0.5.0
VMware vSphere Foundation (VMware Tools) Version: 13.0.5.0
VMware Tools Version: 13.0.5
VMware Tools Version: 12.5.4

 

 

References

 

[1] VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244, CVE-2025-41245, CVE-2025-41246)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdviso..