Patch to remediate Security Vulnerabilities VMSA-2025-0009 in SDDC Manager 4.5.2.0


Article ID: 398008


Updated On:

Products

VMware SDDC Manager

Issue/Introduction

This article provides the steps to apply the hot patch on SDDC Manager 4.5.2.0 to remediate the security vulnerabilities reported in VMSA-2025-0009.

Environment

SDDC Manager 4.5.2.0

Cause

This hot patch release resolves CVE-2025-41229, CVE-2025-41230, and CVE-2025-41231. For more information on these vulnerabilities and their impact on Broadcom products, see VMSA-2025-0009.

Resolution

Broadcom's recommendation is to upgrade SDDC Manager to 5.2.1.2.

Alternatively, follow the steps below to apply the hot patch on SDDC Manager 4.5.2.0.

Note: If the environment is below 4.5.2.0, first upgrade to 4.5.2.0 before applying this hot patch.

Backup:

Initiate a backup of SDDC Manager before proceeding. Here are more details.

1. Download the zip file using the download link.

2. Copy the downloaded zip file to the /home/vcf directory on SDDC Manager.

3. SSH to SDDC Manager as the vcf user and su to root.

4. Unzip the file
    `unzip vcf-4520-chp.zip`

5. Change directory to extracted directory
    `cd vcf-4520-chp/`

6. Execute patch script
    `./patch.sh`

Note: Once you apply this 4.5.2.0 hot patch, the forward upgrade path will be to version 5.2.1.2.
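
Because step 4 unpacks the archive as root, the download can be checked before that step. The script below is an added example, not part of the Broadcom article or the hot patch itself: it compares the zip's SHA-256 with an operator-supplied value (an assumption, since this article does not publish a checksum), tests the archive, and confirms that every entry sits under vcf-4520-chp/ and that patch.sh is present. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight checks before unpacking vcf-4520-chp.zip as root.
# Usage: sh preflight.sh /home/vcf/vcf-4520-chp.zip <expected-sha256>
# The expected hash is operator-supplied (assumption); nothing is extracted.

# verify_sha256 FILE EXPECTED: succeeds if the file's SHA-256 matches
# EXPECTED (hex, compared case-insensitively).
verify_sha256() {
    actual=$(sha256sum < "$1" | cut -d' ' -f1) || return 2
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# check_entries TOPDIR: reads archive entry names on stdin, one per line
# (for example from `unzip -Z1`). Fails on absolute paths, ".." components,
# entries outside TOPDIR/, or when TOPDIR/patch.sh is absent.
check_entries() {
    top=$1 found=1
    while IFS= read -r entry; do
        case $entry in
            /*|..|../*|*/../*|*/..) echo "unsafe path: $entry" >&2; return 1 ;;
        esac
        case $entry in
            "$top"/*) ;;
            *) echo "outside $top/: $entry" >&2; return 1 ;;
        esac
        [ "$entry" = "$top/patch.sh" ] && found=0
    done
    return $found
}

# preflight ZIP EXPECTED_SHA256: run every check in order.
preflight() {
    zip=$1
    [ -f "$zip" ] || { echo "missing: $zip" >&2; return 1; }
    verify_sha256 "$zip" "$2" || { echo "SHA-256 mismatch" >&2; return 1; }
    unzip -tq "$zip" >/dev/null || { echo "archive fails CRC test" >&2; return 1; }
    unzip -Z1 "$zip" | check_entries vcf-4520-chp || return 1
    echo "pre-flight OK: $zip"
}

if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```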

Additional Information

Recovery Option:

1. Download the SDDC Manager 4.5.2.0 GA OVA from the Broadcom Support Portal.

Go to the Broadcom Support Portal > "Drivers & Tools" tab > "VMware Cloud Foundation 4.5.2.0 Tools Downloads" and download the SDDC Manager Appliance OVA for 4.5.2.0 GA.

2. Deploy the SDDC Manager 4.5.2.0 GA OVA.

3. Follow the steps above to apply the hot fix RPMs.

4. Restore SDDC Manager by following the doc, Restore SDDC Manager from a File-Based Backup.