Successful exploitation could allow attackers to modify hardware configurations, manipulate seismic data, or perform factory resets on monitoring equipment critical to earthquake detection and industrial safety systems. Three critical out-of-bounds write vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238) stem from integer overflow and underflow conditions in VMware’s VMXNET3 virtual network adapter, Virtual Machine Communication Interface (VMCI), and Paravirtualized SCSI (PVSCSI) controller, respectively. The flaws affect seismic monitoring devices and virtualized industrial systems used across global critical manufacturing sectors. For Rockwell systems, users with active managed service contracts will receive direct remediation support, while others should consult Broadcom’s security advisories for VMware patches. Despite CISA’s coordination attempts, Güralp Systems has not responded to disclosure efforts, leaving users to implement network-level mitigations, including firewall isolation and VPN-secured remote access. CISA emphasizes implementing defense-in-depth strategies immediately, as these vulnerabilities affect critical manufacturing sectors globally. CISA issued advisories for Güralp seismic devices and Rockwell VMware systems. Each carries identical CVSS v3.1 scores of 9.3 with vector strings CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H, indicating local access requirements but potential for complete system compromise.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 01 Aug 2025 09:40:20 +0000