Cyber security news for all

More

    VMware Security Vulnerabilities Exploited—Broadcom Issues Critical Fixes

    admin
    By admin
    Vulnerabilities

    In a move to counteract ongoing cyber threats, Broadcom has urgently rolled out security patches addressing three critical vulnerabilities actively exploited in VMware ESXi, Workstation, and Fusion. These flaws open the door to remote code execution and data leakage, posing a substantial risk to virtualized environments.

    Catalog of Exploited Weaknesses:

    • CVE-2025-22224 (CVSS 9.3): A Time-of-Check to Time-of-Use (TOCTOU) flaw facilitating an out-of-bounds write. A threat actor with administrative control over a virtual machine could exploit this to run arbitrary code within the VMX process on the host system.
    • CVE-2025-22225 (CVSS 8.2): A sandbox-escape vulnerability stemming from an arbitrary write weakness. If leveraged, an attacker inside the VMX process could breach containment and execute malicious actions.
    • CVE-2025-22226 (CVSS 7.1): An out-of-bounds read vulnerability in HGFS allowing an adversary with admin-level VM privileges to siphon memory data from the VMX process.

    Impacted VMware Releases & Patch Fixes:

    • VMware ESXi 8.0: Mitigated in ESXi80U3d-24585383, ESXi80U2d-24585300
    • VMware ESXi 7.0: Fixed in ESXi70U3s-24585291
    • VMware Workstation 17.x: Remediated in 17.6.3
    • VMware Fusion 13.x: Addressed in 13.6.3
    • VMware Cloud Foundation 5.x: Async patch via ESXi80U3d-24585383
    • VMware Cloud Foundation 4.x: Async patch via ESXi70U3s-24585291
    • VMware Telco Cloud Platform 5.x, 4.x, 3.x, 2.x: Patched in ESXi 7.0U3s, ESXi 8.0U2d, ESXi 8.0U3d
    • VMware Telco Cloud Infrastructure 3.x, 2.x: Fixed in ESXi 7.0U3s

    Exploitation Confirmed in the Wild

    Broadcom has acknowledged that these vulnerabilities have been exploited in real-world attacks, though specifics regarding attack methodology, threat actor identity, and operational impact remain undisclosed. The company emphasized the imperative need for administrators to immediately deploy security patches to neutralize risks.

    The Microsoft Threat Intelligence Center has been credited for uncovering these security lapses and reporting them. Given the active weaponization of these vulnerabilities, organizations must act swiftly to fortify their virtual infrastructure against emerging threats.

    Recent Articles

    Related Stories

    EDITOR PICKS

    POPULAR POSTS

    ABOUT US

    Owlysec is an important source of information in the field of cybersecurity. It provides its readers with the latest developments in cybersecurity through current news and analyses compiled from reliable sources. Its goal is to increase cybersecurity awareness and create awareness of security threats in the digital world. Stay up-to-date, stay safe - follow the cyber world closely with Owlysec!

    Kontakt: [email protected]

    POPULAR CATEGORY

    FOLLOW US

    © 2024 Alle Rechte vorbehalten. Layout & technische Umsetzung: Webagentur in Gelsenkirchen – webpen.de