March 7, 2026

PBX Science

VoIP & PBX, Networking, DIY, Computers.

VMware Security Alert: Critical Patches for ESXi, Workstation, and Fusion Vulnerabilities

1 year ago

VMware Security Alert: Critical Patches for ESXi, Workstation, and Fusion Vulnerabilities

VMware Security Alert: Critical Patches for ESXi, Workstation, and Fusion Vulnerabilities

VMware Urgent Security Advisory: VMSA-2025-0004 Addresses Actively Exploited Vulnerabilities in ESXi, Workstation, and Fusion

VMware has released updates for ESXi, Workstation, and Fusion to address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226). Immediate patching is required. For details on previous high-risk vulnerabilities in VMware vCenter (CVE-2024-38812 and CVE-2024-38813) and their fixes, refer to earlier advisories.

Broadcom’s VMware team has confirmed that CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 are being actively exploited in the wild. It is critical to apply the necessary patches immediately.

VMware Security Alert: Critical Patches for ESXi, Workstation, and Fusion Vulnerabilities

Affected Products:

  • VMware ESXi

  • VMware Workstation Pro / Player (Workstation)

  • VMware Fusion

  • VMware Cloud Foundation

  • VMware Telco Cloud Platform

Security Advisory KB

Vulnerability Details

1. VMCI Heap Overflow Vulnerability (CVE-2025-22224)

Description: A Time-of-Check Time-of-Use (TOCTOU) vulnerability in VMware ESXi and Workstation may lead to an out-of-bounds write. VMware has classified this as a critical issue, with a maximum CVSSv3 base score of 9.3.

Attack Vector: A malicious actor with local administrative privileges on a virtual machine could exploit this vulnerability to execute code within the VMX process on the host.

Solution: Apply the patch specified in the “Fixed Versions” column of the “Response Matrix.”

Workaround: None.

Note: Broadcom’s VMware team has confirmed that this vulnerability is being actively exploited in the wild.

2. VMware ESXi Arbitrary Write Vulnerability (CVE-2025-22225)

Description: VMware ESXi contains an arbitrary write vulnerability. This has been assessed as a high-severity issue, with a maximum CVSSv3 base score of 8.2.

Attack Vector: An attacker with access to the VMX process could trigger an arbitrary kernel write, potentially leading to sandbox escape.

Solution: Apply the relevant patch listed in the “Fixed Versions” column of the “Response Matrix.”

Workaround: None.

Note: Broadcom’s VMware team has confirmed active exploitation of this vulnerability in the wild.

3. HGFS Information Disclosure Vulnerability (CVE-2025-22226)

Description: VMware ESXi, Workstation, and Fusion contain an out-of-bounds read vulnerability in HGFS, leading to potential information disclosure. VMware has classified this issue as high severity, with a maximum CVSSv3 base score of 7.1.

Attack Vector: An attacker with administrative privileges on a virtual machine could exploit this issue to leak memory from the VMX process.

Solution: Apply the patch specified in the “Fixed Versions” column of the “Response Matrix.”

Workaround: None.

Note: Broadcom’s VMware team has confirmed that this vulnerability is being actively exploited in the wild.

Affected Products and Fixed Versions

Product Version CVE IDs CVSSv3 Score Severity Fixed Version
VMware ESXi 8.0 CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 9.3, 8.2, 7.1 Critical ESXi80U3d-24585383
VMware ESXi 8.0 CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 9.3, 8.2, 7.1 Critical ESXi80U2d-24585300
VMware ESXi 7.0 CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 9.3, 8.2, 7.1 Critical ESXi70U3s-24585291
VMware Workstation 17.x CVE-2025-22224, CVE-2025-22226 9.3, 7.1 Critical 17.6.3
VMware Fusion 13.x CVE-2025-22226 7.1 Important 13.6.3
VMware Cloud Foundation 5.x CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 9.3, 8.2, 7.1 Critical ESXi80U3d-24585383 (Asynchronous Patch)
VMware Cloud Foundation 4.5.x CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 9.3, 8.2, 7.1 Critical ESXi70U3s-24585291 (Asynchronous Patch)
VMware Telco Cloud Platform 5.x, 4.x, 3.x, 2.x CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 9.3, 8.2, 7.1 Critical KB389385
VMware Telco Cloud Infrastructure 3.x, 2.x CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 9.3, 8.2, 7.1 Critical KB389385

Download and Documentation Links

For more details and downloads, visit Broadcom’s official site.

VMware Security Alert: Critical Patches for ESXi, Workstation, and Fusion Vulnerabilities

Windows Software Alternatives in Linux

Windows-Friendly Linux
Office
Email Client
Image Editing
Video Editing
PDF Editing
Project Management
Disk Encryption

Disclaimer of pbxscience.com

Tags:

More Stories

The Quiet Death of the Powerline Adapter

3 hours ago
NVIDIA Releases Hotfix Driver to Address Gaming Performance Issues Following Windows Update

NVIDIA’s RTX 3060 Reportedly Set to Return This Month — But Treat It as a Rumor

4 hours ago
How ZeroClaw — a 3.4 MB Rust binary — is turning a $10 Raspberry Pi into a fully autonomous, always-on AI agent capable of running Claude, DeepSeek, and Qwen without Node.js, Python, or compromise.

How ZeroClaw — a 3.4 MB Rust binary — is turning a $10 Raspberry Pi into a fully autonomous

10 hours ago

You may have missed

The Quiet Death of the Powerline Adapter

3 hours ago
NVIDIA Releases Hotfix Driver to Address Gaming Performance Issues Following Windows Update

NVIDIA’s RTX 3060 Reportedly Set to Return This Month — But Treat It as a Rumor

4 hours ago
How ZeroClaw — a 3.4 MB Rust binary — is turning a $10 Raspberry Pi into a fully autonomous, always-on AI agent capable of running Claude, DeepSeek, and Qwen without Node.js, Python, or compromise.

How ZeroClaw — a 3.4 MB Rust binary — is turning a $10 Raspberry Pi into a fully autonomous

10 hours ago

Google’s AI Now Writes Half Its Code — But the Real Story Is What Comes Next

11 hours ago
PBXscience.com © All Copyrights Reserved. | Newsphere by AF themes.