SD1730 | Security Advisory | Rockwell Automation

Severity:

High,

Critical

Advisory ID:

SD1730

发布日期:

July 16, 2025

上次更新时间:

July 16, 2025

Revision Number:

1.0

Known Exploited Vulnerability (KEV):

否

Corrected:

是

Workaround:

否

CVE IDs

CVE-2025-41236,

CVE-2025-41237,

CVE-2025-41238,

CVE-2025-41239

下载

The following link(s) provide the security advisory in Vulnerability Exploitability Exchange format:

JSON

摘要

Published Date: 7/16/2025

Last updated:7/16/2025

Revision Number: 1.0

The security of our products is important to us as your chosen industrial automation supplier. This anomaly was found through a third-party advisory and is being reported based on our commitment to customer transparency and to improve their business or production environments.

AFFECTED PRODUCTS AND SOLUTION

Affected Product	Affected Versions	Corrected in software version
Industrial Data Center (IDC) with VMware	Generations 1 – 4	Refer to Mitigations and Workarounds
VersaVirtual Appliance (VVA) with VMware	Series A & B	Refer to Mitigations and Workarounds
Threat Detection Managed Services (TDMS) with VMware	All	Refer to Mitigations and Workarounds
Endpoint Protection Service with Rockwell Automation Proxy & VMware only	All	Refer to Mitigations and Workarounds
Engineered and Integrated Solutions with VMware	All	Refer to Broadcom’s advisory

Remediations and Workarounds

Users with an active Rockwell Automation Infrastructure Managed Service contract or Threat Detection Managed Service contract:

Rockwell Automation will contact impacted users to discuss actions needed for remediation efforts.

Users without Rockwell Automation managed services contract, refer to Broadcom’s advisories below :

· Support Content Notification - Support Portal - Broadcom support portal

· https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u3f-release-notes.html

· https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-80u2e-release-notes.html

· https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/7-0/release-notes/esxi-update-and-patch-release-notes/vsphere-esxi-70u3w-release-notes.html

Additionally, users using the affected software, who are not able to upgrade to one of the corrected versions, are encouraged to apply security best practices, where possible.

· Security Best Practices

VULNERABILITY DETAILS

Rockwell Automation used v3.1 and v4.0 of the CVSS scoring system to assess the following vulnerabilities.

CVE-2025-41236

An integer-overflow vulnerability exists in the VMXNET3 virtual network adapter used in VMware ESXi, Workstation, and Fusion. Exploitation of this vulnerability can lead to code execution on the host.

CVSS 3.1 Base Score: 9.3

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.4

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Known Exploited Vulnerability (KEV) database: No

CVE-2025-41237

An integer-underflow vulnerability exists in the Virtual Machine Communication Interface (VMCI) of VMware ESXi, Workstation, and Fusion, which can lead to an out-of-bounds write. Exploitation of this vulnerability can lead to code execution on the host.

CVSS 3.1 Base Score: 9.3

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.4

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Known Exploited Vulnerability (KEV) database: No

CVE-2025-41238

A heap-overflow vulnerability exists in the Paravirtualized SCSI (PVSCSI) controller of VMware ESXi, Workstation, and Fusion, which can lead to an out-of-bounds write. Exploitation of this vulnerability can lead to code execution on the host.

CVSS 3.1 Base Score: 9.3

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS 4.0 Base Score: 9.4

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Known Exploited Vulnerability (KEV) database: No

CVE-2025-41239

An information disclosure vulnerability exists in vSockets due to the use of uninitialized memory in VMware ESXi, Workstation, Fusion, and VMware Tools. Exploitation of this vulnerability can result in the leakage of memory from processes communicating with vSockets.

CVSS 3.1 Base Score: 7.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVSS 4.0 Base Score: 8.2

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Known Exploited Vulnerability (KEV) database: No

Users can use Stakeholder-Specific Vulnerability Categorization to generate more environment-specific prioritization.

ADDITIONAL RESOURCES

The following link provides CVE information in Vulnerability Exploitability Exchange (VEX) format, which is machine readable and can be used to automate vulnerability management and tracking activities.

Glossary:

VMXNET3: virtual network adapter optimized for VMware environments
VMware ESXi: hypervisor that enables virtualization of servers
VMware Workstation: desktop application that allows users to run multiple operating systems as virtual machines on a single PC
VMware Fusion: a macOS application that enables users to run Windows and other operating systems within a virtual environment
Code execution: an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target process
Known Exploited Vulnerability (KEV) database: an official list of security flaws that attackers have actively exploited

Lifecycle Services with VMware are Vulnerable to third-party Vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239)