VMware Security Blog, September 29, 10:48
VMware product updates fix Pwn2Own 2025 vulnerabilities

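Broadcom has released security advisory VMSA-2025-0013, updating VMware ESXi, Workstation, Fusion, and Tools to fix multiple vulnerabilities discovered at the Pwn2Own 2025 hacking contest. The vulnerabilities include CVE-2025-41236 through CVE-2025-41239 and span Critical, Important, and Moderate severity levels. The advisory was published after VMware products, including ESXi and Workstation, were successfully exploited at Pwn2Own 2025. Broadcom stresses that users should review the security advisory and contact VMware Support for assistance.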

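🛡️ **VMware Security Advisory VMSA-2025-0013 released**: Broadcom has released its latest VMware security advisory, VMSA-2025-0013, covering updates to VMware ESXi, Workstation, Fusion, and Tools. The advisory is intended to fix multiple security vulnerabilities discovered at the high-profile Pwn2Own 2025 hacking contest and to keep users' systems secure.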

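🎯 **Vulnerability disclosures at Pwn2Own 2025**: The advisory details the attacks that VMware ESXi (Type 1 hypervisor) and VMware Workstation (Type 2 hypervisor) faced at the Pwn2Own 2025 contest. During the contest, researchers from STAR Labs SG, Reverse Tactics, and Synacktiv successfully exploited vulnerabilities in the products, including some vulnerabilities that had already been disclosed.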

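🔧 **Vulnerability details and remediation**: This update fixes four vulnerabilities, CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, whose severity ranges from Critical to Moderate. Broadcom is actively working on remediation and advises customers to review the security advisory immediately for details and the necessary update steps.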

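🤝 **Vendor and researcher collaboration**: Broadcom thanks the Zero Day Initiative (ZDI) for allowing it to participate in the contest, and specifically thanks research teams including STAR Labs SG, Reverse Tactics, and Synacktiv for their cooperation in discovering and reporting the vulnerabilities, working together to improve the security of VMware products.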

Update July 15, 2025

Today, Broadcom has released the following new VMware security advisory:

VMSA-2025-0013 – VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239)

The advisory documents the remediation of the Critical, Important, and Moderate severity vulnerabilities demonstrated at the Pwn2Own 2025 hacking contest. Customers should review the security advisory and direct any questions to VMware Support.

Original Post

Greetings from the Broadcom PSIRT Team – VCF Division.

Pwn2Own 2025 has wrapped up, and we have witnessed successful exploitation of some very well-known products. Broadcom VMware products have been a part of Pwn2Own since 2016. Similar to last year, VMware ESXi – Type 1 and VMware Workstation – Type 2 Hypervisors were the targets in the virtualization category, with prize money of $180,000 and $80,000 respectively.

We have seen three successful attempts on our products in this year’s contest.

On Day 2 – May 16, 2025, Nguyen Hoang Thach of STAR Labs SG successfully exploited VMware ESXi. This is the first time VMware ESXi was exploited in the Pwn2Own hacking event.

On Day 3 – May 17, 2025, Corentin BAYET of Reverse Tactics successfully exploited ESXi by chaining two vulnerabilities. One of the vulnerabilities used in the exploit was a collision, as it was already known. Later that day, Thomas Bouzerar and Etienne Helluy-Lafont from Synacktiv managed to successfully exploit Workstation.

We are actively working on the remediation and we plan to publish a VMware Security Advisory to provide information on updates for the affected products.

We would like to thank Zero Day Initiative (ZDI) for allowing us to participate. In addition, we would like to thank teams from STAR Labs SG, Reverse Tactics, and Synacktiv for working with us to address the reported issues.

If you want to be informed on VMware Security Advisories (VMSAs), please sign up here for new and updated information.

The post VMware and Pwn2Own 2025 – Berlin appeared first on VMware Security Blog.
