CNNVD-202507-2066 Information
CNNVD ID
CNNVD-202507-2066
Related CVE
- CNNVD Published: 2025-07-15
Description (Chinese)
VMware ESXi等都是美国威睿(VMware)公司的产品。VMware ESXi是一套可直接安装在物理服务器上的服务器虚拟化平台。VMware Workstation是一套虚拟机软件。VMware Fusion是一套专用于在苹果机(Mac)上运行Windows应用程序的的虚拟机软件。 VMware多款产品存在安全漏洞,该漏洞源于vSockets使用未初始化内存,可能导致信息泄露。以下产品受到影响:VMware ESXi、Workstation、Fusion和VMware Tools。
Description (English)
VMware ESXi and others are products of VMware. VMware ESXi is a virtual platform for servers that can be installed directly on physical servers. VMware Workstation is a virtual machine software. VMware Fusion is a virtual machine software designed to run Windows applications on Mac. There is a safety loophole in VMware ’ s multiple products, which stems from the use of uninitiated memory in vSockets, which could lead to the disclosure of information. The following products were affected: VMware ESXi, Workstation, Fusion and VMware Tools.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Void
Published
2025-07-15
Last Modified
2026-02-24
References
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877 https://nvd.nist.gov/vuln/detail/CVE-2025-41239