VMware vCenter & NSX Flaws Allow Email & User Enumeration

Cyber Security News by CyberSum.net

Published on October 1, 2025 at 06:04 PM

3 sources

Broadcom has addressed multiple vulnerabilities in VMware vCenter and NSX with new security updates. The flaws include an SMTP header injection in vCenter (CVE-2025-41250) that could allow a privileged user to manipulate notification emails. Additionally, two vulnerabilities in NSX (CVE-2025-41251 and CVE-2025-41252) permit an unauthenticated attacker to enumerate valid usernames. These NSX flaws exploit a weak password recovery mechanism and login response timing to confirm existing accounts. Administrators are urged to apply the patches immediately, as these issues could facilitate targeted brute-force or phishing attacks.

Also Read

Detour Dog Uses DNS to Deliver Strela Stealer Malware

The cybercrime group Detour Dog has been quietly infecting over 30,000 websites since 2020 using a sophisticated, server-side attack. The group leverages DNS TXT records as a covert channel to send commands to compromised sites, making the malicious activity invisible to most visitors. This technique allows them to selectively redirect users to scams or, more recently, deliver the powerful Strela Stealer infostealer malware. By controlling the attack from the server, the compromised websites can remain infected for long periods without detection. The campaign's vast infrastructure generates millions of DNS queries, with traffic originating from numerous global locations.

By Cyber Security News by CyberSum.netOctober 2, 2025 at 12:00 AM