Broadcom has identified a critical security vulnerability in its Avi Load Balancer, designated as CVE-2025-22217. This flaw, classified with a CVSSv3 base score of 8.6, is an unauthenticated blind SQL injection vulnerability that allows attackers with network access to execute specially crafted SQL queries. By exploiting this weakness, malicious actors can gain unauthorized access to the underlying database, posing a significant security risk. The issue was privately reported to VMware and has been categorized as an “Important” severity vulnerability due to its potential impact.
The vulnerability is caused by improper input sanitization, making it possible for attackers to manipulate database queries without authentication. If successfully exploited, this flaw could lead to data breaches, unauthorized access, and potential system compromise. Since no workarounds are available, organizations using the affected versions of the Avi Load Balancer must take immediate action to secure their systems. VMware has acknowledged the contributions of security researchers Daniel Kukuczka and Mateusz Darda for discovering and reporting the vulnerability.
Broadcom has released security patches to address the vulnerability in all affected versions of the Avi Load Balancer.
The company strongly advises administrators to update their systems immediately by applying the provided patches. The patched versions include updates for VMware Avi Load Balancer versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2, which have been upgraded to secure versions 30.1.2-2p2, 30.1.2-2p2, 30.2.1-2p5, and 30.2.2-2p2, respectively. Failure to apply these updates promptly could leave organizations exposed to cyberattacks targeting this vulnerability.
To mitigate risks, organizations should identify vulnerable systems, implement the necessary patches, and monitor network activity for any suspicious behavior. Administrators must remain vigilant against potential exploitation attempts, as attackers could leverage this flaw to infiltrate critical databases and compromise sensitive data. Addressing this vulnerability swiftly is crucial to preventing cyber threats that could disrupt operations and lead to significant security incidents.
