Information Disclosure Vulnerability in VMware ESXi, Workstation, and Fusion
CVE-2025-22226
What is CVE-2025-22226?
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability caused by an out-of-bounds read in the HGFS (host-guest file system) component. A malicious actor with administrative privileges inside a guest virtual machine could exploit it to leak memory from the vmx process, which runs on the host side of the virtualization boundary, and so obtain data that should never be visible from within the guest.
CISA has reported CVE-2025-22226
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA tracks the most dangerous vulnerabilities and has identified CVE-2025-22226 as being exploited in the wild; it is not known to CISA to be used in ransomware campaigns. This status is subject to change quickly.
CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
ESXi 8.0
ESXi 7.0
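Applying the vendor fix across a fleet starts with knowing which hosts are still on an affected build. The script below is an added example, not part of this advisory or of any VMware tooling: it parses the output of `esxcli system version get`, picks the version line (7.0 or 8.0, the lines listed above) and compares the numeric build against a minimum fixed build. This page does not state the fixed build numbers, so the MIN_FIXED_70 and MIN_FIXED_80 thresholds and all sample build numbers are placeholders; take the real values from the vendor advisory before running this against production hosts. The sample esxcli output is constructed.

```sh
#!/bin/sh
# Added example (not from the advisory): decide whether an ESXi host's build is
# at or above the fixed build for its version line. Fixed build numbers are NOT
# on this page; the thresholds below are placeholders and the real values must
# be taken from the vendor advisory before this is run against a fleet.

# Extract the numeric build from `esxcli system version get` output.
esxi_build() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*Build:[[:space:]]*Releasebuild-\([0-9][0-9]*\).*/\1/p' | head -n 1
}

# Extract the major.minor version line (e.g. 7.0 or 8.0) from the same output.
esxi_version_line() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*Version:[[:space:]]*\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1
}

# esxi_exposure OUTPUT MIN_FIXED_70 MIN_FIXED_80
# Prints FIXED, VULNERABLE or UNKNOWN. A host whose build cannot be parsed, or
# whose version line is not one the advisory lists, is reported UNKNOWN rather
# than silently passed as fixed.
esxi_exposure() {
    build=$(esxi_build "$1")
    line=$(esxi_version_line "$1")
    [ -n "$build" ] || { echo UNKNOWN; return; }
    case "$line" in
        7.0) min=$2 ;;
        8.0) min=$3 ;;
        *)   echo UNKNOWN; return ;;
    esac
    if [ "$build" -ge "$min" ]; then echo FIXED; else echo VULNERABLE; fi
}

# Placeholder thresholds (assumptions, not the vendor's actual fixed builds).
MIN_FIXED_70=24500000
MIN_FIXED_80=24500000

# Constructed sample output in the shape esxcli prints; build numbers invented.
SAMPLE_UNPATCHED_80='   Product: VMware ESXi
   Version: 8.0.3
   Build: Releasebuild-24000000
   Update: 3
   Patch: 0'

SAMPLE_PATCHED_70='   Product: VMware ESXi
   Version: 7.0.3
   Build: Releasebuild-24600000
   Update: 3
   Patch: 130'

SAMPLE_OTHER='   Product: VMware ESXi
   Version: 6.7.0
   Build: Releasebuild-17000000
   Update: 3
   Patch: 0'

esxi_exposure "$SAMPLE_UNPATCHED_80" "$MIN_FIXED_70" "$MIN_FIXED_80"   # VULNERABLE
esxi_exposure "$SAMPLE_PATCHED_70"   "$MIN_FIXED_70" "$MIN_FIXED_80"   # FIXED
esxi_exposure "$SAMPLE_OTHER"        "$MIN_FIXED_70" "$MIN_FIXED_80"   # UNKNOWN

# On a real host (ESXi shell or SSH), feed the live esxcli output instead.
if command -v esxcli >/dev/null 2>&1; then
    esxi_exposure "$(esxcli system version get)" "$MIN_FIXED_70" "$MIN_FIXED_80"
fi
```

The comparison is on the build number rather than the version string because ESXi patch releases within one update line change only the build; a version check of "8.0.3" alone cannot distinguish a patched host from an unpatched one. Anything the script cannot classify comes back UNKNOWN so that it is reviewed by hand instead of being counted as remediated.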