Cyber Security News

VMware Avi Load Balancer Vulnerability Let Attackers Gain Database Access

Broadcom has disclosed a high-severity vulnerability affecting its VMware Avi Load Balancer product.

The vulnerability, identified as CVE-2025-22217, is an unauthenticated blind SQL injection vulnerability that could allow attackers with network access to execute specially crafted SQL queries to gain unauthorized access to the underlying database.

The issue was privately reported to VMware. It carries a CVSSv3 base score of 8.6, which Broadcom's advisory classifies in the “Important” severity range of its own rating scale.

The vulnerability arises from improper sanitization of user-supplied input before it reaches a SQL query in the Avi Load Balancer, and the affected request path requires no authentication.


Exploiting this flaw could lead to significant security breaches, including unauthorized database access and potential data compromise.
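To make concrete what "unauthenticated blind SQL injection" means above, here is an added example that is not Avi Load Balancer code and does not reproduce the actual vulnerable endpoint, which the advisory does not describe. It shows the pattern as a class: a lookup that splices untrusted input into SQL and returns only a yes/no answer, a boolean-based extraction that recovers a secret through that answer alone, and the parameterized fix that defeats it. The schema, table contents and token value are constructed for the demonstration.

```python
import sqlite3

# Constructed stand-in for a backing database; the real Avi schema is not public.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, api_token TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'tok-9f3a')")
    conn.commit()
    return conn


def user_exists_vulnerable(conn, name):
    """Vulnerable pattern: untrusted input spliced into the SQL text.

    Only True/False reaches the caller, which is what makes an injection
    here 'blind': the attacker sees no rows and no error text, only whether
    the crafted condition held."""
    sql = f"SELECT 1 FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchone() is not None


def user_exists_fixed(conn, name):
    """Hardened pattern: bound parameter, so the input is data and never SQL."""
    sql = "SELECT 1 FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchone() is not None


# Characters the boolean oracle is asked about; no quote character, so every
# payload stays syntactically valid inside the single-quoted string it breaks
# out of.
CHARSET = "abcdefghijklmnopqrstuvwxyz0123456789-"


def blind_extract_token(conn, oracle, max_len=32):
    """Boolean-based blind extraction of admin's api_token, one character at a
    time, using nothing but the yes/no answer from `oracle`."""
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in CHARSET:
            payload = (
                "admin' AND substr((SELECT api_token FROM users "
                f"WHERE name = 'admin'), {pos}, 1) = '{ch}"
            )
            if oracle(conn, payload):
                recovered += ch
                break
        else:
            # No candidate matched: either past the end of the value, or the
            # oracle never answers yes (the parameterized query).
            break
    return recovered


if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup leaks:", blind_extract_token(db, user_exists_vulnerable))
    print("parameterized lookup leaks:", repr(blind_extract_token(db, user_exists_fixed)))
```

Against the concatenating lookup the loop recovers the whole token from nothing but a sequence of true/false responses, which is why a blind injection is still a full database-access issue; against the parameterized lookup the same payloads are matched literally as a user name, never answer yes, and the loop stops at the first position.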

Affected & Fixed Versions

Broadcom has released patches for all affected versions. Administrators are strongly advised to apply the updates listed in the Response Matrix:

Product                    Affected Version    Fixed Version
VMware Avi Load Balancer   30.1.1              30.1.2-2p2
VMware Avi Load Balancer   30.1.2              30.1.2-2p2
VMware Avi Load Balancer   30.2.1              30.2.1-2p5
VMware Avi Load Balancer   30.2.2              30.2.2-2p2

No workarounds are available for this issue, so patching is the only mitigation and administrators should deploy the fixed builds without delay.

VMware has credited security researchers Daniel Kukuczka and Mateusz Darda for identifying and reporting this vulnerability.

Organizations using VMware Avi Load Balancer should take the following steps:

  1. Identify affected systems running vulnerable versions of the software.
  2. Apply the recommended patches as soon as possible.
  3. Monitor network activity for any suspicious behavior that could indicate exploitation attempts.
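For step 1, the following added example (not Broadcom's tooling or the article's own) encodes the Response Matrix above and classifies each Controller version from an inventory export as vulnerable, fixed, or outside the matrix. It assumes Avi version strings have the form MAJOR.MINOR.PATCH with an optional -BUILDpHOTFIX suffix that orders numerically field by field, with a bare base version sorting below any suffixed build of the same base; the host names and inventory rows are constructed.

```python
import re

# Response Matrix as reproduced on this page: affected base -> first fixed build.
RESPONSE_MATRIX = {
    "30.1.1": "30.1.2-2p2",
    "30.1.2": "30.1.2-2p2",
    "30.2.1": "30.2.1-2p5",
    "30.2.2": "30.2.2-2p2",
}

# Assumption: version strings look like MAJOR.MINOR.PATCH[-BUILDpHOTFIX] and
# compare numerically field by field; "30.1.2" sorts below "30.1.2-2p2".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(\d+)p(\d+))?$")


def parse_version(text):
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch, build, hotfix = m.groups()
    return (int(major), int(minor), int(patch), int(build or 0), int(hotfix or 0))


def assess(version):
    """Classify one Controller version against the Response Matrix."""
    key = parse_version(version)
    base = "%d.%d.%d" % key[:3]
    fixed = RESPONSE_MATRIX.get(base)
    if fixed is None:
        # Other release lines are not in the matrix on this page; confirm
        # their status against the advisory rather than assuming safe.
        return "not-in-matrix"
    return "fixed" if key >= parse_version(fixed) else "vulnerable"


def triage(inventory):
    """inventory: iterable of (hostname, version) -> {hostname: status}"""
    return {host: assess(ver) for host, ver in inventory}


if __name__ == "__main__":
    # Constructed sample inventory, as exported from a CMDB or asset list.
    SAMPLE = [
        ("avi-ctl-01", "30.1.1"),
        ("avi-ctl-02", "30.1.2-2p1"),
        ("avi-ctl-03", "30.1.2-2p2"),
        ("avi-ctl-04", "30.2.1-2p5"),
        ("avi-ctl-05", "30.2.2"),
        ("avi-ctl-06", "22.1.5"),
    ]
    for host, status in triage(SAMPLE).items():
        print(f"{host:12s} {status}")
```

Note that 30.1.1 has no in-line fix: any 30.1.1 build is reported vulnerable because the matrix moves it to 30.1.2-2p2, and a version on a release line absent from the matrix is flagged for manual confirmation rather than silently treated as unaffected.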

Failure to address this vulnerability promptly could expose critical databases to malicious actors, leading to data breaches and other security incidents.


Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
