Arbitrary Write Vulnerability in VMware ESXi
CVE-2025-22225

8.2HIGH

Key Information:

Vendor
VMware
Status
Vmware Esxi
Vmware Cloud Foundation
Vmware Telco Cloud Platform
Vmware Telco Cloud Infrastructure
Vendor
CVE Published:
4 March 2025

Badges

πŸ‘Ύ Exploit Exists🟣 EPSS 11%πŸ¦… CISA ReportedπŸ“° News Worthy

Summary

VMware ESXi is affected by an arbitrary write vulnerability that can be exploited by a malicious actor with privileges in the VMX process. This vulnerability could lead to unauthorized write access to the kernel, potentially allowing the attacker to escape the sandbox environment, compromising the security of the host system. Users are advised to apply relevant patches and follow best security practices to mitigate the risk.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

VMware Cloud Foundation 5.x, 4.5.x

VMware ESXi 8.0

VMware ESXi 8.0

News Articles

favicon imageCybersecurityNews

VMware Vulnerabilities Exploited Actively to Bypass Security Controls & Deploy Ransomware

A surge of ransomware attacks leveraging critical VMware virtualization vulnerabilities has triggered global alerts. Threat actors exploit flaws in ESXi, Workstation, and Fusion products to paralyze enterprise infrastructures.

favicon imageThe Cyber Express

CISA Updates Known Exploited Vulnerabilities Catalog

CISA updates the Known Exploited Vulnerabilities Catalog with 4 critical flaws in Linux and VMware. Quick patching is crucial to mitigate active cyber threats.

References

https://support.broadcom.com/web/ecx/support-content-noti...

EPSS Score

11% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ¦…

    CISA Reported

  • πŸ“°

    First article discovered by SC Media

  • Vulnerability published

  • Vulnerability Reserved

.