Arbitrary Write Vulnerability in VMware ESXi
CVE-2025-22225

8.2HIGH

Key Information:

Badges

๐Ÿ‘พ Exploit Exists๐Ÿฆ… CISA Reported๐Ÿ“ฐ News Worthy

Summary

VMware ESXi is affected by an arbitrary write vulnerability that can be exploited by a malicious actor with privileges in the VMX process. This vulnerability could lead to unauthorized write access to the kernel, potentially allowing the attacker to escape the sandbox environment, compromising the security of the host system. Users are advised to apply relevant patches and follow best security practices to mitigate the risk.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

VMware Cloud Foundation 5.x, 4.5.x

VMware ESXi 8.0

VMware ESXi 8.0

News Articles

VMware Vulnerabilities Exploited Actively to Bypass Security Controls & Deploy Ransomware

A surge of ransomware attacks leveraging critical VMware virtualization vulnerabilities has triggered global alerts. Threat actors exploit flaws in ESXi, Workstation, and Fusion products to paralyze enterprise infrastructures.

2 weeks ago

CISA Updates Known Exploited Vulnerabilities Catalog

CISA updates the Known Exploited Vulnerabilities Catalog with 4 critical flaws in Linux and VMware. Quick patching is crucial to mitigate active cyber threats.

1 month ago

References

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • ๐Ÿ“ฐ

    First article discovered by SC Media

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿฆ…

    CISA Reported

  • Vulnerability published

  • Vulnerability Reserved

.