CVE-2025-41241
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-29
Last updated on: 2025-07-29
Assigner: VMware
Description
Description
VMware vCenter contains a denial-of-service vulnerability.Β A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vmware | vcenter | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-754 | The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in VMware vCenter is a denial-of-service issue that can be triggered by a malicious authenticated user who has permission to perform API calls for guest OS customization. Exploiting this vulnerability can cause the vCenter service to become unavailable.
How can this vulnerability impact me? :
The impact of this vulnerability is a denial-of-service condition, which means that an attacker with the required permissions can disrupt the availability of the VMware vCenter service, potentially affecting management and operation of virtual environments.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70