@GossiTheDog
In the Github version of the advisory and FAQ they actually state that ALL unpatched versions are vulnerable though they indicate that they haven't tested most unsupported versions. Here are few snippets from the link below:
You are affected if you are running any version of VMware ESX, VMware vSphere, VMware Cloud Foundation, or VMware Telco Cloud Platform prior to the versions listed as “fixed” in the VMSA.
For a definitive list of affected versions, please refer to the VMSA directly. If there is any uncertainty about whether a system is affected, it should be presumed vulnerable, and immediate action should be taken.
Does this impact VMware vSphere 6.5 or 6.7?
Yes. A patch has been released for ESX 6.7 and is available via the Support Portal to all customers. ESX 6.5 customers should use the extended support process for access to ESX 6.5 patches.
Products that are past their End of General Support dates are not evaluated as part of security advisories, and are not listed in the official VMSA. Broadcom strongly encourages all customers using vSphere 6.5 and 6.7 to update to vSphere 8.
https://github.com/vmware/vcf-security-and-compliance-guidelines/tree/main/security-advisories/vmsa-2025-0004