VMware NSX: High-risk security vulnerability patched
Manufacturer Broadcom has patched vulnerabilities in VMware NSX that allow attackers to inject and execute malicious code.
VMware updates its software. (Image: heise online / dmk)
Broadcom warns of high-risk security vulnerabilities in its network virtualization and security platform VMware NSX. Among other things, attackers can inject and execute malicious code. IT administrators should update promptly to the fixed versions.
In a security advisory, Broadcom writes that the vulnerabilities were reported to the company privately. No active attacks are known so far.
High-risk vulnerability
The manufacturer rates a stored cross-site scripting (XSS) vulnerability in the Manager UI as the most serious. It results from inadequate validation of submitted data. Attackers with permission to create or modify network settings can inject malicious code that is executed when those network settings are displayed (CVE-2025-22243 / EUVD-2025-16910, CVSS 7.5, risk "high").
Attackers can also abuse a stored cross-site scripting vulnerability in the gateway firewall. If they have rights to create or modify the response page for URL filtering, they can inject malicious code that is executed when a user attempts to access a filtered website (CVE-2025-22244 / EUVD-2025-16909, CVSS 6.9, risk "medium"). Insufficient filtering of input for router ports likewise lets attackers with rights to create or modify router ports inject malicious code via a stored cross-site scripting vulnerability. The code is executed when someone accesses the router port (CVE-2025-22245 / EUVD-2025-16908, CVSS 5.9, risk "medium").
Broadcom fixes the vulnerabilities in VMware NSX 4.2.2.1, 4.2.1.4 and 4.1.2.6, as well as in VMware Cloud Foundation 4.2.2.1 and 4.1.2.6. For the likewise affected VMware Telco Cloud Platform and VMware Telco Cloud Infrastructure, Broadcom lists update options in a separate knowledge base article.
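An added example (not code from the article or from Broadcom) that triages an inventory of NSX Manager versions against the fixed builds named above; the hostnames and versions in the sample inventory are constructed, and the assumption that any build on the same release branch at or above the fixed build contains the fix is the author's, not Broadcom's.

```python
from typing import Dict, Tuple

# Fixed NSX releases named in the article. Assumption (not from the advisory):
# a build on the same major.minor.patch branch with an equal or higher build
# number contains the fix; any other branch is treated as unpatched.
FIXED_NSX_VERSIONS = ("4.2.2.1", "4.2.1.4", "4.1.2.6")


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '4.2.1.3' into (4, 2, 1, 3); reject anything that is not dotted digits."""
    parts = version.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    return tuple(int(p) for p in parts)


def fmt(v: Tuple[int, ...]) -> str:
    return ".".join(str(p) for p in v)


# Release branch (first three components) -> fixed build on that branch.
FIXED_BY_BRANCH = {parse_version(v)[:3]: parse_version(v) for v in FIXED_NSX_VERSIONS}


def nsx_fix_status(installed: str) -> Tuple[bool, str]:
    """Return (is_patched, reason) for one NSX version string."""
    current = parse_version(installed)
    fixed = FIXED_BY_BRANCH.get(current[:3])
    if fixed is None:
        # e.g. 3.x, 4.0.x, 4.2.0.x or a three-part string: no fixed build on
        # this branch is listed, so upgrade to one of the fixed lines.
        return False, f"branch {fmt(current[:3])} has no fixed build listed"
    if current >= fixed:  # tuple comparison: (4,2,2) < (4,2,2,1)
        return True, f"{installed} is at or above fixed build {fmt(fixed)}"
    return False, f"{installed} is below fixed build {fmt(fixed)}"


def triage_inventory(inventory: Dict[str, str]) -> Dict[str, Tuple[bool, str]]:
    """Map hostname -> version to hostname -> (patched?, reason)."""
    return {host: nsx_fix_status(ver) for host, ver in inventory.items()}


# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "nsx-mgr-01.example.test": "4.2.2.1",
    "nsx-mgr-02.example.test": "4.2.1.3",
    "nsx-mgr-03.example.test": "4.1.2.6",
    "nsx-mgr-04.example.test": "4.1.1.0",
}

if __name__ == "__main__":
    for host, (ok, why) in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{'OK ' if ok else 'FIX'} {host}: {why}")
```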
(dmk)