{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cloud Foundation versions 4.5.x avec vCenter versions 7.x ant\u00e9rieures \u00e0 7.0 U3w","product":{"name":"Cloud Foundation","vendor":{"name":"VMware","scada":false}}},{"description":"Telco Cloud Platform versions 5.x, 4.x, 3.x et 2.x sans les recommandations des articles KB411508 et KB411518","product":{"name":"Telco Cloud Platform","vendor":{"name":"VMware","scada":false}}},{"description":"NSX versions 4.2.2.x ant\u00e9rieures \u00e0 4.2.2.2","product":{"name":"NSX","vendor":{"name":"VMware","scada":false}}},{"description":"Telco Cloud Infrastructure versions 3.x et 2.x sans les recommandations des articles KB411508 et KB411518","product":{"name":"Telco Cloud Infrastructure","vendor":{"name":"VMware","scada":false}}},{"description":"Cloud Foundation versions 5.x ant\u00e9rieures \u00e0 5.2.2","product":{"name":"Cloud Foundation","vendor":{"name":"VMware","scada":false}}},{"description":"NSX versions 4.2.3.x ant\u00e9rieures \u00e0 4.2.3.1","product":{"name":"NSX","vendor":{"name":"VMware","scada":false}}},{"description":"NSX-T versions 3.x ant\u00e9rieures \u00e0 3.2.4.3","product":{"name":"NSX","vendor":{"name":"VMware","scada":false}}},{"description":"Cloud Foundation versions 9.x ant\u00e9rieures \u00e0 9.0.1.0","product":{"name":"Cloud Foundation","vendor":{"name":"VMware","scada":false}}},{"description":"vCenter versions 7.x ant\u00e9rieures \u00e0 7.0 U3w","product":{"name":"vCenter Server","vendor":{"name":"VMware","scada":false}}},{"description":"vSphere Foundation versions 13.x ant\u00e9rieures \u00e0 13.0.5.0","product":{"name":"vSphere Foundation","vendor":{"name":"VMware","scada":false}}},{"description":"vCenter versions 8.x ant\u00e9rieures \u00e0 8.0 U3g","product":{"name":"vCenter Server","vendor":{"name":"VMware","scada":false}}},{"description":"Telco Cloud Platform versions 5.x et 4.x avec Aria Operations versions 8.x ant\u00e9rieures \u00e0 8.18.5","product":{"name":"Telco Cloud Platform","vendor":{"name":"VMware","scada":false}}},{"description":"vSphere Foundation versions 9.x ant\u00e9rieures \u00e0 9.0.1.0","product":{"name":"vSphere Foundation","vendor":{"name":"VMware","scada":false}}},{"description":"Cloud Foundation versions 13.x ant\u00e9rieures \u00e0 13.0.5.0","product":{"name":"Cloud Foundation","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Tools versions 13.x ant\u00e9rieures \u00e0 13.0.5","product":{"name":"VMware Tools","vendor":{"name":"VMware","scada":false}}},{"description":"Cloud Foundation versions 5.x et 4.x sans les recommandations des articles KB92148 et KB88287","product":{"name":"Cloud Foundation","vendor":{"name":"VMware","scada":false}}},{"description":"Telco Cloud Infrastructure versions 3.x et 2.x avec Aria Operations versions 8.x ant\u00e9rieures \u00e0 8.18.5","product":{"name":"Telco Cloud Infrastructure","vendor":{"name":"VMware","scada":false}}},{"description":"NSX versions 4.0.x et 4.1.x ant\u00e9rieures \u00e0 4.1.2.7","product":{"name":"NSX","vendor":{"name":"VMware","scada":false}}},{"description":"Aria Operations versions 8.x ant\u00e9rieures \u00e0 8.18.5","product":{"name":"Aria Operations","vendor":{"name":"VMware","scada":false}}},{"description":"VMware Tools versions 11.x et 12.x ant\u00e9rieures \u00e0 12.5.4","product":{"name":"VMware Tools","vendor":{"name":"VMware","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2025-41245","url":"https://www.cve.org/CVERecord?id=CVE-2025-41245"},{"name":"CVE-2025-41252","url":"https://www.cve.org/CVERecord?id=CVE-2025-41252"},{"name":"CVE-2025-41251","url":"https://www.cve.org/CVERecord?id=CVE-2025-41251"},{"name":"CVE-2025-41246","url":"https://www.cve.org/CVERecord?id=CVE-2025-41246"},{"name":"CVE-2025-41244","url":"https://www.cve.org/CVERecord?id=CVE-2025-41244"},{"name":"CVE-2025-41250","url":"https://www.cve.org/CVERecord?id=CVE-2025-41250"}],"links":[],"reference":"CERTFR-2025-AVI-0832","revisions":[{"description":"Version initiale","revision_date":"2025-09-30T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware","vendor_advisories":[{"published_at":"2025-09-29","title":"Bulletin de s\u00e9curit\u00e9 VMware 36149","url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36149"},{"published_at":"2025-09-29","title":"Bulletin de s\u00e9curit\u00e9 VMware 36150","url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150"}]}