CVE-2025-41236: 
VMware Workstation vulnerability analysis and mitigation

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter identified as CVE-2025-41236. The vulnerability was discovered by Nguyen Hoang Thach of STARLabs SG through the Pwn2Own competition and disclosed on July 15, 2025. This critical vulnerability affects VMware ESXi versions 7.0/8.0, Workstation Pro 17.x, Fusion 13.x, and enterprise platforms including Cloud Foundation and Telco Cloud (Broadcom Advisory, Security Online).

The vulnerability has been assigned a Critical severity rating with a CVSS v3.1 base score of 9.3. The integer-overflow vulnerability specifically targets the VMXNET3 virtual network adapter component, while other virtual adapters remain unaffected. The technical assessment indicates that the flaw creates conditions that could lead to arbitrary code execution within the host system context (Cybersecurity News, Broadcom Advisory).

A successful exploitation of this vulnerability could allow attackers with local administrative privileges on a virtual machine equipped with VMXNET3 virtual network adapter to execute arbitrary code on the host system. This represents a significant security risk as it enables complete virtual machine breakout capabilities, potentially compromising the entire virtualization infrastructure (Security Online, Cybersecurity News).

Broadcom has released patches to address this vulnerability across all affected products. The fixes are available in ESXi updates ESXi80U3f-24784735 and ESXi70U3w-24784741, Workstation Pro 17.6.4, and Fusion 13.6.4. Organizations are strongly advised to apply these security updates immediately to protect their virtualization infrastructure. No workarounds are available for this vulnerability (Broadcom Advisory).