Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass.
Tracked as CVE-2025-22230, the vulnerability is rated 7.8 on the ten-point Common Vulnerability Scoring System (CVSS).
“VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control,” Broadcom said in an alert issued Tuesday. “A malicious actor with non-administrative privileges on a Windows guest VM may gain the ability to perform certain high-privilege operations within that VM.”
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
Credited with discovering and reporting the flaw is Sergey Bliznyuk of Russian cybersecurity company Positive Technologies.
CVE-2025-22230 impacts VMware Tools for Windows versions 11.x.x and 12.x.x. It has been fixed in version 12.5.1. There are no workarounds that address the issue.
CrushFTP Discloses New Flaw
The development comes as CrushFTP has warned customers of an “unauthenticated HTTP(S) port access” vulnerability affecting CrushFTP versions 10 and 11. It has yet to be assigned a CVE identifier.
“This issue affects CrushFTP v10/v11 but does not work if you have the DMZ function of CrushFTP in place,” the company said. “The vulnerability was responsibly disclosed, it is not being used actively in the wild that we know of, no further details will be given at this time.”
According to details shared by cybersecurity company Rapid7, successful exploitation of the vulnerability could lead to unauthenticated access via an exposed HTTP(S) port.
With security flaws in VMware and CrushFTP previously exploited by malicious actors, it’s essential that users move quickly to apply the updates as soon as possible.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker