Latest Cyber Security News

You are here: Home / General Cyber Security News / VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
March 4, 2025

Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure.

The list of vulnerabilities is as follows –

  • CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with local administrative privileges on a virtual machine could exploit to execute code as the virtual machine’s VMX process running on the host
  • CVE-2025-22225 (CVSS score: 8.2) – An arbitrary write vulnerability that a malicious actor with privileges within the VMX process could exploit to result in a sandbox escape
  • CVE-2025-22226 (CVSS score: 7.1) – An information disclosure vulnerability due to an out-of-bounds read in HGFS that a malicious actor with administrative privileges to a virtual machine could exploit to leak memory from the vmx process

Cybersecurity

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The shortcomings impact the below versions –

  • VMware ESXi 8.0 – Fixed in ESXi80U3d-24585383, ESXi80U2d-24585300
  • VMware ESXi 7.0 – Fixed in ESXi70U3s-24585291
  • VMware Workstation 17.x – Fixed in 17.6.3
  • VMware Fusion 13.x – Fixed in 13.6.3
  • VMware Cloud Foundation 5.x – Async patch to ESXi80U3d-24585383
  • VMware Cloud Foundation 4.x – Async patch to ESXi70U3s-24585291
  • VMware Telco Cloud Platform 5.x, 4.x, 3.x, 2.x – Fixed in ESXi 7.0U3s, ESXi 8.0U2d, and ESXi 8.0U3d
  • VMware Telco Cloud Infrastructure 3.x, 2.x – Fixed in ESXi 7.0U3s

In a separate FAQ, Broadcom acknowledged that it has “information to suggest that exploitation of these issues has occurred ‘in the wild,’ but it did not elaborate on the nature of the attacks or the identity of the threat actors that have weaponized them.

The virtualization services provider credited the Microsoft Threat Intelligence Center for discovering and reporting the bugs. In light of active exploitation, it’s essential that users apply the latest patches for optimal protection.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *