VMware News Articles
Recent news articles refferecing the vendors vulnerabilities.
CISA says critical VMware RCE flaw now actively exploited
CISA has flagged a critical VMware vCenter Server vulnerability as actively exploited and ordered U.S. federal agencies to secure their servers within three weeks.
3 days ago
The Hacker NewsCVE-2024-37079CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog
CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging organizations to apply patches
6 days ago
Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure
Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before disclosure.
3 weeks ago
Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure
Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before disclosure.
3 weeks ago
Xwiki and VMWare vulnerabilities exploited in the wild
A pair of newly exploited vulnerabilities has been added to CISAβs Known Exploited Vulnerabilities Catalog.
The StackCVE-2025-41244CISA adds VMware bug to KEV a year after first exploited
CISA updated its known exploited vulnerability catalogue on Thursday to include the VMware bug CVE-2025-41244, first exploited in October 2024.
Cyber PressCVE-2025-41244CISA Warns of Actively Exploited 0-Day Vulnerabilities in VMware Tools and Aria Operations
Tracked as CVE-2025-41244, this 0-day flaw poses a significant risk to organizations managing virtualized infrastructure, potentially allowing attackers
CybersecurityNewsCVE-2025-41244CISA Warns of VMware Tools and Aria Operations 0-Day Vulnerability Exploited in Attacks
CISA has added CVE-2025-41244 to its Known Exploited Vulnerabilities catalog. This local privilege escalation flaw affects Broadcom's VMware Aria Operations and VMware Tools, with evidence of active exploitation in the wild.
Security AffairsU.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog.
China Exploited New VMware Bug for Nearly a Year
A seemingly benign privilege-escalation process in VMware and other software has likely benefited attackers and other malware strains for years.
Chinese hackers exploiting VMware zero-day since October 2024
Broadcom has patched a high-severity privilege escalation vulnerability in its VMware Aria Operations and VMware Tools software, which has been exploited in zero-day attacks since October 2024.
The Hacker NewsCVE-2025-41244Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024
VMware CVE-2025-41244 exploited by UNC5174 since Oct 2024, CVSS 7.8, patch now available.
CybleCSA Issues Critical Alert For VMware Vulnerabilities
Broadcom and CSA warn of critical VMware Vulnerabilities ilties flaws, including CVE-2025-41236 and CVE-2025-41237. Update ESXi, Workstation, and Fusion immediately to stay secure.
BornCityCVE-2025-22224Over 37,000 VMware ESXi servers vulnerable via CVE-2025-22224 | Born's Tech and Windows World
[German]This week, VMware by Broadcom has released security updates for various products, including VMware ESXi servers, to close security gaps. One vulnerability has already been exploited as a 0-day. Now...
Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them.
Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025
VMware patched flaws disclosed during the Pwn2Own Berlin 2025 hacking contest, where researchers earned $340,000 for exploiting them.
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025.
Cyber Security Agency of SingaporeMultiple Vulnerabilities in VMware Products
Security updates have been released for multiple vulnerabilities affecting VMware products.
0-day vulnerabilities in VMWare ESXi, Workstation and Fusion | Born's Tech and Windows World
[German]As of March 4, 2025, VMware by Broadcom has published a security advisory to warn of three zero-day vulnerabilities CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226) that have already been exploited...
VMware ESXi and vCenter Flaw Enables Arbitrary Command Execution
Now a Broadcom company, VMware has released urgent security updates to address several high-severity vulnerabilities
GBHackers NewsCritical VMware Cloud Foundation Vulnerability Exposes Sensitive Data
Broadcom's VMware division has disclosed three significant security vulnerabilities in its Cloud Foundation platform.
CyberSecurityNewsCVE-2025-22247VMware Tools Vulnerability Let Attackers Tamper Files to Trigger Malicious Operations
A moderate-severity vulnerability in VMware Tools could allow attackers with limited privileges to manipulate files and trigger insecure operations within virtual machines.
TechRepublicCVE-2025-22230Update VMware Tools for Windows NOW: High-Severity Flaw Lets Hackers Bypass Authentication
CVE-2025-22230 is described as an "authentication bypass vulnerability" by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials.
Broadcom issues fix for critical authentication bypass in VMware Tools
Broadcom has issued critical security updates to remediate an authentication bypass vulnerability in VMware Tools for Windows.
Broadcom issues fix for critical authentication bypass in VMware Tools
Broadcom has issued critical security updates to remediate an authentication bypass vulnerability in VMware Tools for Windows.