CVE-2025-22224

CVSS 9.3 CRITICALEPSS 1.5%● KEVCWE-367

In short

VMware ESXi and Workstation have a race condition flaw that allows someone with admin access to a virtual machine to write data outside allowed memory bounds, potentially letting them run malicious code on the host system.

Technical detail

A TOCTOU vulnerability in VMware ESXi and Workstation permits out-of-bounds memory writes when a window exists between privilege validation and memory access. An attacker with local administrative privileges within a guest VM can exploit this race condition to achieve arbitrary code execution in the VMX process on the host, breaching VM isolation.

Summary generated and translated by AI from the official description.

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected products

VMware · ESXi VMware · Telco Cloud Infrastructure VMware · Telco Cloud Platform VMware · VMware Cloud Foundation VMware · Workstation

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22224