CVE-2025-41236: 
VMware Workstation vulnerability analysis and mitigation

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter, identified as CVE-2025-41236. The vulnerability was discovered in July 2025 and affects VMware ESXi versions 7.0 and 8.0, Workstation Pro 17.x, and Fusion 13.x. This critical vulnerability has received a CVSS v3.1 base score of 9.3 (VMware Advisory, Cyber Security News).

The vulnerability specifically targets the VMXNET3 virtual network adapter component, while other virtual adapters remain unaffected. The flaw stems from an integer-overflow condition that could lead to code execution. The vulnerability was discovered by Nguyen Hoang Thach of STARLabs SG during the Pwn2Own competition (Bleeping Computer, VMware Advisory).

A successful exploitation of this vulnerability allows malicious actors with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter to execute arbitrary code on the host system. This could potentially lead to complete compromise of the host system where the virtualization software is installed (VMware Advisory, Cyber Security News).

Broadcom has released patches to address this vulnerability. Organizations should upgrade to ESXi80U3f-24784735 for ESXi 8.0, ESXi70U3w-24784741 for ESXi 7.0, Workstation Pro 17.6.4, and Fusion 13.6.4. No workarounds are available, making it critical to apply the provided patches (VMware Advisory).