Urgent Security Advisory – VMware Vulnerabilities

This is an important notice regarding two critical VMware vulnerabilities identified this month.

1. VMSA-2025-0005 (CVSS Score: 7.8)

• Description: A vulnerability in VMware Tools could allow a malicious actor with non-administrative privileges to gain administrative access to a server.

• Recommendation: Upgrade VMware Tools to version 12.5.1 immediately.

• Magna5 Action: All hosted Windows Virtual Machines in Magna5's cloud environments are configured to upgrade VMware Tools automatically during their next reboot. Customers were previously notified of this action.

2. VMSA-2025-0004 (CVSS Score: 7.1 - 9.3)

• Description: A set of vulnerabilities could allow a malicious actor with administrative access on a Virtual Machine to exploit and gain access to the host and other Virtual Machines.

• Recommendation: Upgrade ESXi servers to one of the following secure versions: 8.0 U3d, 8.0 U2d, or 7.0 U3s, based on your current version.

• Magna5 Action: Magna5 has already upgraded all hosts in our cloud offering to mitigate this vulnerability. Customers were previously informed of this maintenance.

Actions for Customers

If you are managing your own VMware environments, we strongly recommend applying the outlined upgrades as soon as possible. If you require assistance, please contact Magna5 support for guidance.

Contact Support

Should you have any questions, concerns, or need further assistance, please reach out to us:

• Phone: 1-844-462-4625 • Email: support@magna5.com

Magna5 appreciates your continued partnership and remains committed to ensuring the security and stability of your environment.

Thank you, Magna5 Support Team