Service Advisory
Broadcom has published a critical security advisory (VMSA-2025-0004) to address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) identified in VMware ESXi, VMware Workstation and VMware Cloud Foundation Server. If exploited, these vulnerabilities could result in data breaches, system compromise and unauthorized access. There are reports of these vulnerabilities being exploited in the wild.
Severity level
CVSS Score: 7.1 - 9.3 / High, Critical
Description
CVE-2025-22224 is a critical-severity VMCI heap overflow vulnerability that enables local attackers with administrative privileges on the targeted VM to execute code as the VMX process running on the host. CVE-2025-22225 is an ESXi arbitrary write vulnerability that allows the VMX process to trigger arbitrary kernel writes, leading to a sandbox escape. CVE-2025-22226 is described as an HGFS information-disclosure flaw that lets threat actors with admin permissions leak memory from the VMX process.
Affected Versions
VMware ESXi – versions 8.0 and 7.0
VMware Workstation – version 17.x
VMware Fusion – version 13.x
VMware Cloud Foundation – versions 5.x and 4.5.x
VMware Telco Cloud Platform – versions 5.x, 4.x, 3.x, 2.x
VMware Telco Cloud Infrastructure – versions 3.x, 2.x
Impact
An attacker could exploit these vulnerabilities to gain access to the virtualized infrastructure.
Resolution
Please apply the patches listed in the vendor advisory.
Reference
UIT Information Security
Contact
IT Client Services at askIT@yorku.ca or 416 736 5800