CVE-2025-32728 vulnerability in vSphere Replication and Live Site Recovery appliances

search cancel

CVE-2025-32728 vulnerability in vSphere Replication and Live Site Recovery appliances

book

Article ID: 407621

calendar_today

Updated On:

Products

VMware Live Recovery

Issue/Introduction

The openssh version used in the current versions 9.0.2 of vSphere Replication and VMware Live Site Recovery appliances is impacted by vulnerability CVE-2025-32728

Environment

vSphere Replication 9.0.2

Live Site Recovery 9.0.2

Cause

openssh version used in current versions is impacted by CVE-2025-32728

Resolution

Issue is resolved in VLSR 9.0.4 which has openSSH version 9.3p2-13.ph5.

The scanner may flag the vulnerability as it needs OpenSSH version 10, but it could be safely ignored for VLSR 9.0.4.

Feedback

thumb_up Yes

thumb_down No