CVE-2025-22224

critical

Description

VMware ESXi and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

From the Tenable Blog

CVE-2025-22224, CVE-2025-22225, CVE-2025-22226: Zero-Day Vulnerabilities in VMware ESXi, Workstation and Fusion Exploited

Published: 2025-03-04

Broadcom published an advisory for three flaws in several VMware products that were exploited in the wild as zero-days. Organizations are advised to apply the available patches.

References

https://securityaffairs.com/175858/security/authentication-bypass-cve-2025-22230-in-vmware-tools-for-windows.html

https://www.bleepingcomputer.com/news/security/broadcom-warns-of-authentication-bypass-in-vmware-windows-tools/

https://www.cisa.gov/news-events/ics-advisories/icsa-25-077-02

https://blog.talosintelligence.com/patch-it-up-old-vulnerabilities-are-everyones-problems/

https://www.securityweek.com/exploited-vmware-esxi-flaws-put-many-at-risk-of-ransomware-other-attacks/

https://www.bleepingcomputer.com/news/security/over-37-000-vmware-esxi-servers-vulnerable-to-ongoing-attacks/

https://cloud.google.com/support/bulletins/index#gcp-2025-011

https://www.databreachtoday.com/broadcom-patches-actively-exploited-zero-days-in-vmware-esxi-a-27647

https://www.theregister.com/2025/03/04/vmware_plugs_three_hypervisorhijack_holes/

https://www.tenable.com/blog/cve-2025-22224-cve-2025-22225-cve-2025-22226-zero-day-vulnerabilities-in-vmware-esxi

https://www.securityweek.com/broadcom-patches-3-vmware-zero-days-exploited-in-the-wild/

https://www.infosecurity-magazine.com/news/vmware-patch-exploited-zero-day/

https://www.darkreading.com/vulnerabilities-threats/vmware-zero-day-bugs-sandbox-escape

https://www.cisa.gov/news-events/alerts/2025/03/04/cisa-adds-four-known-exploited-vulnerabilities-catalog

https://www.bleepingcomputer.com/news/security/broadcom-fixes-three-vmware-zero-days-exploited-in-attacks/

https://therecord.media/vmware-exploited-vulnerabilities-esxi-workstation-fusion

https://thehackernews.com/2025/03/vmware-security-flaws-exploited-in.html

https://arstechnica.com/security/2025/03/vmware-patches-3-critical-vulnerabilities-in-multiple-product-lines/

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

Details

Source: Mitre, NVD

Published: 2025-03-04

Updated: 2025-03-05

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.3

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Severity: Critical