Broadcom knowledgeable prospects this week that a number of VMware product vulnerabilities disclosed earlier this yr on the Pwn2Own hacking competitors have been patched.
Contributors earned greater than $1 million on the Pwn2Own Berlin 2025 competitors organized by Development Micro’s Zero Day Initiative (ZDI). Greater than $340,000 was paid out for exploits concentrating on VMware merchandise.
The STARLabs SG workforce earned $150,000 for exploiting a single integer overflow bug to hack VMware ESXi.
In accordance with Broadcom’s advisory, this important bug impacts the VMXNET3 digital community adapter and it may well permit an attacker with native admin privileges on a VM that makes use of the adapter to execute arbitrary code on the host. The safety gap is tracked as CVE-2025-41236.
The REverse Techniques workforce earned $112,500 for an ESXi exploit involving two bugs. The quantity is decrease than the one earned by STARLabs SG as a result of one of many flaws was identified to Broadcom.
REverse Techniques has been credited by Broadcom for 2 CVEs: CVE-2025-41237, a important out-of-bounds write vulnerability that may be exploited by a privileged attacker on a VM to execute arbitrary code on the host, and CVE-2025-41239, a high-severity concern that permits a privileged attacker to leak reminiscence.
A researcher from Theori, an organization that was additionally represented at Pwn2Own however didn’t goal VMware, has additionally been credited for independently discovering CVE-2025-41239.
Lastly, the Synacktiv workforce earned $80,000 at Pwn2Own for a VMware Workstation exploit. Broadcom’s advisory credit Synacktiv for CVE-2025-41238, a important out-of-bounds write concern that may permit an attacker with native admin privileges on a VM to execute arbitrary code on the host. Commercial. Scroll to proceed studying.
The seller has launched patches for these vulnerabilities for VMware ESXi, Workstation, Fusion, Cloud Basis, XSphere Basis, Telco Cloud Platform, and Instruments.
In a separate FAQ doc, Broadcom stated it has no proof that these vulnerabilities have been exploited within the wild.
Industrial big Rockwell Automation on Wednesday additionally printed an advisory to tell prospects about these VMware vulnerabilities. A number of Rockwell merchandise which will use VMware parts are impacted, together with Industrial Knowledge Middle (IDC), VersaVirtual Equipment (VVA), Risk Detection Managed Companies (TDMS), Endpoint Safety Service, and Engineered and Built-in Options.
Associated: NATO-Flagged Vulnerability Tops Newest VMware Safety Patch Batch
Associated: Vulnerabilities Patched by Juniper, VMware and Zoom
Associated: Vulnerabilities Patched by Ivanti, VMware, Zoom
