Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass.
Tracked as CVE-2025-22230, the vulnerability is rated 7.8 on the ten-point Common Vulnerability Scoring System (CVSS).
“VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control,” Broadcom said in an alert issued Tuesday. “A malicious actor with non-administrative privileges on a Windows guest VM may gain the ability to perform certain high-privilege operations within that VM.”
Credited with discovering and reporting the flaw is Sergey Bliznyuk of Russian cybersecurity company Positive Technologies.

CVE-2025-22230 impacts VMware Tools for Windows versions 11.x.x and 12.x.x. It has been fixed in version 12.5.1. There are no workarounds that address the issue.
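Since the advisory offers no workaround, the only useful check on a Windows guest is whether the installed VMware Tools build is already at or above the fixed release. The following PowerShell snippet is an added example written for this page, not code from Broadcom or the advisory; it assumes the default install directory and that vmtoolsd.exe carries the product version in its file metadata (falling back to VMwareToolboxCmd.exe -v, whose output begins with the version string). The version-string parsing is kept in its own function so it can be exercised on constructed input without a VMware Tools install.

```powershell
# Added example (not from the advisory): determine whether a Windows guest's
# VMware Tools is at or above 12.5.1, the release that fixes CVE-2025-22230.
# Assumptions: default install path, and version metadata in the formats shown.

$FixedVersion = [version]'12.5.1'
$ToolsDir     = Join-Path $env:ProgramFiles 'VMware\VMware Tools'
$Daemon       = Join-Path $ToolsDir 'vmtoolsd.exe'
$ToolboxCmd   = Join-Path $ToolsDir 'VMwareToolboxCmd.exe'

function ConvertTo-ToolsVersion {
    # Normalise strings such as "12.5.0.24276846" or
    # "12.5.0.24276846 (build-24276846)" to a [version] of major.minor.patch,
    # so that comparison against the fixed release is numeric, not lexical.
    param([Parameter(Mandatory)][string]$Raw)
    $parts = @($Raw -split '[^\d]+' | Where-Object { $_ -ne '' })
    if ($parts.Count -lt 2) { throw "Unrecognised version string: '$Raw'" }
    $parts = $parts[0..([Math]::Min(2, $parts.Count - 1))]
    return [version]($parts -join '.')
}

function Test-ToolsPatched {
    # $true when the supplied version string is at or above 12.5.1.
    param([Parameter(Mandatory)][string]$Raw)
    return (ConvertTo-ToolsVersion $Raw) -ge $FixedVersion
}

function Get-InstalledToolsVersionString {
    if (Test-Path $Daemon) {
        return (Get-Item $Daemon).VersionInfo.ProductVersion
    }
    if (Test-Path $ToolboxCmd) {
        return (& $ToolboxCmd -v | Select-Object -First 1)
    }
    return $null
}

$raw = Get-InstalledToolsVersionString
if (-not $raw) {
    Write-Output 'VMware Tools not found in the default location; nothing to assess.'
} elseif (Test-ToolsPatched $raw) {
    Write-Output "VMware Tools $(ConvertTo-ToolsVersion $raw) is at or above $FixedVersion; CVE-2025-22230 is addressed."
} else {
    Write-Output "VMware Tools $(ConvertTo-ToolsVersion $raw) is below $FixedVersion; update required, no workaround exists."
}

# Constructed inputs for a quick self-check without a VMware Tools install:
#   Test-ToolsPatched '12.5.0.24276846 (build-24276846)'  -> False
#   Test-ToolsPatched '12.5.1.24649672'                   -> True
#   Test-ToolsPatched '11.3.5.18557794'                   -> False
```

For fleet-wide use, run the two version functions through Invoke-Command against a list of guests and collect the results; a guest reporting 11.x or 12.x below 12.5.1 is in scope for the update regardless of the host's ESXi version, because the flaw lives in the in-guest tools package.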
CrushFTP Discloses New Flaw
The development comes as CrushFTP has warned customers of an “unauthenticated HTTP(S) port access” vulnerability affecting CrushFTP versions 10 and 11. It has yet to be assigned a CVE identifier.
“This issue affects CrushFTP v10/v11 but does not work if you have the DMZ function of CrushFTP in place,” the company said. “The vulnerability was responsibly disclosed, it is not being used actively in the wild that we know of, no further details will be given at this time.”
According to details shared by cybersecurity company Rapid7, successful exploitation of the vulnerability could lead to unauthenticated access via an exposed HTTP(S) port.
Flaws in both VMware and CrushFTP products have been exploited in the wild before, so users should apply the available updates promptly; for VMware Tools in particular there is no workaround, so upgrading to 12.5.1 is the only remediation.
Some parts of this article are sourced from:
thehackernews.com