VMware has released a critical security advisory (VMSA-2025-0009) addressing three newly discovered vulnerabilities in its flagship VMware Cloud Foundation platform.
The flaws, tracked as CVE-2025-41229, CVE-2025-41230, and CVE-2025-41231, were privately reported and have been rated with CVSSv3 base scores ranging from 7.3 to 8.2, placing them in the “Important” severity category.
The vulnerabilities impact VMware Cloud Foundation versions 4.5.x and 5.x, with no available workarounds, making immediate patching essential.
Technical Details: Directory Traversal, Information Disclosure, and Missing Authorization
The three vulnerabilities each pose distinct risks to enterprise environments:
- CVE-2025-41229: Directory Traversal Vulnerability
This flaw allows a malicious actor with network access to port 443 on VMware Cloud Foundation to exploit directory traversal and reach certain internal services. With a CVSSv3 score of 8.2, it is the most severe of the three. Directory traversal occurs when attacker-controlled path segments such as `../` reach a file or URL routine without canonicalization and a containment check, so the resolved path lands outside the directory or service prefix the application intended to expose.
- CVE-2025-41230: Information Disclosure Vulnerability
Rated 7.5 on the CVSSv3 scale, this vulnerability allows an attacker, again with network access to port 443, to obtain sensitive information through a vulnerable endpoint. Information disclosure flaws can expose configuration files, credentials, or internal network details; the leaked data is frequently the reconnaissance that turns a follow-on attack from guesswork into a targeted one.
- CVE-2025-41231: Missing Authorization Vulnerability
With a CVSSv3 score of 7.3, this vulnerability could allow a malicious actor who already has access to the VMware Cloud Foundation appliance to perform certain unauthorized actions and access limited sensitive information. Unlike the two network-reachable flaws above, it requires prior access to the appliance, which is reflected in its lower score. Missing authorization vulnerabilities occur when an operation establishes who the caller is but never checks whether that caller is permitted to perform the action, so authenticated users can act beyond their privileges.
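To make the directory traversal class behind CVE-2025-41229 concrete, here is an added example (not VMware code, and not a reproduction of the VCF bug, whose internals VMware has not published) showing a naive path resolver beside a hardened one. The `/opt/app` layout, the `public/` serving root and the request strings are constructed for the demonstration.

```python
"""
Directory traversal: a naive path resolver beside a hardened one.
Added illustration for this article; it is not VMware code and does not
reproduce the CVE-2025-41229 bug, whose internals VMware has not published.
The /opt/app layout and the request strings below are constructed.
"""
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed layout: only files under public/ may be served; the rest of
# /opt/app (config, internal services) must stay unreachable.
APP_ROOT = "/opt/app"
PUBLIC_ROOT = posixpath.join(APP_ROOT, "public")


def inside_public_root(path: str) -> bool:
    """True only if path is PUBLIC_ROOT itself or lies strictly beneath it.
    The trailing separator stops a sibling like /opt/app/public2 from passing."""
    return path == PUBLIC_ROOT or path.startswith(PUBLIC_ROOT + "/")


def resolve_vulnerable(requested: str) -> str:
    """Vulnerable: decode the client-supplied path and join it onto PUBLIC_ROOT.
    normpath collapses '..' segments, so '../x' resolves to a sibling directory,
    and join() discards PUBLIC_ROOT entirely when the input is absolute."""
    return posixpath.normpath(posixpath.join(PUBLIC_ROOT, unquote(requested)))


def resolve_hardened(requested: str) -> Optional[str]:
    """Hardened: decode exactly once, refuse leftovers that hint at double
    encoding or NUL injection, drop a leading '/', canonicalise, and then
    verify the result is still under PUBLIC_ROOT. None means 'reject'."""
    decoded = unquote(requested)
    if "%" in decoded or "\x00" in decoded:
        # A legitimate filename containing '%' is also refused; acceptable here.
        return None
    candidate = posixpath.normpath(posixpath.join(PUBLIC_ROOT, decoded.lstrip("/")))
    return candidate if inside_public_root(candidate) else None


# Constructed request paths: one legitimate, four attempts to escape.
ATTEMPTS = [
    "index.html",                   # legitimate
    "../internal/secret",           # plain traversal
    "%2e%2e/%2e%2e/etc/passwd",     # URL-encoded traversal
    "/etc/passwd",                  # absolute path swallows the root in join()
    "%252e%252e/internal/secret",   # double encoding, refused by the hardened path
]


def compare(requested: str) -> dict:
    """Resolve one request both ways and report whether the naive result escaped."""
    naive = resolve_vulnerable(requested)
    return {
        "request": requested,
        "vulnerable": naive,
        "escaped": not inside_public_root(naive),
        "hardened": resolve_hardened(requested),
    }


if __name__ == "__main__":
    for attempt in ATTEMPTS:
        print(compare(attempt))
```

The naive resolver escapes on the plain, URL-encoded and absolute-path inputs; the double-encoded input does not escape this particular resolver, but it would if a downstream layer decoded again, which is why the hardened version refuses any residual `%` after a single decode. The containment check is done on the canonical path, not on the raw input, so filtering the string `../` is not what protects it.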
All three issues were responsibly disclosed by Gustavo Bonito of the NATO Cyber Security Centre (NCSC), highlighting the importance of coordinated vulnerability disclosure in maintaining enterprise security.
Patch Guidance and Response Matrix
VMware has released fixed versions to address these vulnerabilities. Organizations running VMware Cloud Foundation 5.x should upgrade to version 5.2.1.2, while those on 4.5.x should refer to knowledge base article KB398008 for remediation steps.
The response matrix is as follows:
| Product | Versions Affected | CVEs Addressed | Fixed Version | CVSSv3 Scores | Workarounds |
|---|---|---|---|---|---|
| VMware Cloud Foundation | 5.x | CVE-2025-41229, CVE-2025-41230, CVE-2025-41231 | 5.2.1.2 | 8.2, 7.5, 7.3 | None |
| VMware Cloud Foundation | 4.5.x | CVE-2025-41229, CVE-2025-41230, CVE-2025-41231 | KB398008 | 8.2, 7.5, 7.3 | None |
No workarounds are available, so prompt application of the official updates is the only mitigation path. Because two of the three flaws require network access to port 443, limiting which networks can reach the appliance's management interface narrows exposure in the interim, but that is not a documented workaround and does not remove the need to update.
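The following is an added triage helper, not VMware tooling, that applies the response matrix above to a list of SDDC Manager versions. The inventory is constructed; in a real run the version strings would be read from each SDDC Manager. Two assumptions are encoded and labelled in the code: any 5.x build at or above 5.2.1.2 is treated as fixed, and a version line the advisory does not list is flagged for manual review rather than reported as safe.

```python
"""
Fleet triage against the VMSA-2025-0009 response matrix.
Added example for this article, not VMware tooling. The inventory is
constructed. Assumptions: every 5.x build at or above 5.2.1.2 is fixed,
and any line the advisory does not list is flagged for manual review.
"""
from typing import List, NamedTuple, Tuple

FIXED_5X = (5, 2, 1, 2)   # fixed version for the 5.x line per the advisory
KB_45X = "KB398008"       # remediation reference for 4.5.x per the advisory


class Verdict(NamedTuple):
    host: str
    version: str
    status: str   # "fixed", "affected" or "unlisted"
    action: str


def parse_version(text: str) -> Tuple[int, ...]:
    """'5.2.1' -> (5, 2, 1). Tuple comparison orders 5.2.1 below 5.2.1.2,
    so a three-part 5.2.1 is correctly reported as still affected."""
    return tuple(int(part) for part in text.strip().split("."))


def triage(host: str, version: str) -> Verdict:
    v = parse_version(version)
    if v[0] == 5:
        if v >= FIXED_5X:   # assumption: later 5.x builds carry the fix
            return Verdict(host, version, "fixed", "none")
        return Verdict(host, version, "affected", "upgrade to 5.2.1.2")
    if v[:2] == (4, 5):
        return Verdict(host, version, "affected", "apply " + KB_45X)
    # Assumption: unlisted lines are not declared safe, only unverified.
    return Verdict(host, version, "unlisted",
                   "not in VMSA-2025-0009 matrix; verify manually")


# Constructed inventory of SDDC Manager instances.
INVENTORY = [
    ("sddc-prod-01", "5.2.1.2"),
    ("sddc-prod-02", "5.2.1"),
    ("sddc-dr-01", "5.1.0"),
    ("sddc-legacy-01", "4.5.2"),
    ("sddc-lab-01", "4.4.1"),
]


def triage_inventory(inventory) -> List[Verdict]:
    return [triage(host, version) for host, version in inventory]


def needs_action(inventory) -> List[str]:
    """Hosts that still require a patch or a manual check."""
    return [v.host for v in triage_inventory(inventory) if v.status != "fixed"]


if __name__ == "__main__":
    for verdict in triage_inventory(INVENTORY):
        print(f"{verdict.host:16} {verdict.version:8} {verdict.status:9} {verdict.action}")
```

The version is compared as a tuple of integers rather than as a string, which is what stops `5.2.1` from sorting above `5.2.1.2` by accident; unlisted lines such as 4.4.x are deliberately surfaced instead of silently dropped.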
VMware has not reported any evidence of these vulnerabilities being exploited in the wild as of the advisory’s publication.
Organizations are urged to review their VMware Cloud Foundation deployments and apply the recommended updates immediately to mitigate the risk posed by these vulnerabilities.
For additional details and download links, administrators should consult the official VMware documentation and release notes.