CVE-2025-41225 Information

Description

The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server.

Reference

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717