CVE-2025-22225

CVSS 8.2 HIGH | EPSS 1.0% | KEV | CWE-123
In short

VMware ESXi has a flaw that allows someone with access inside a virtual machine process to write data directly to the system's core memory, potentially breaking out of the VM's isolation and affecting the entire server.

Technical detail

An authenticated threat actor with VMX process privileges can trigger an arbitrary kernel write vulnerability to escape the virtual machine sandbox. This requires prior compromise or elevated privileges within the guest environment and results in potential hypervisor-level code execution and privilege escalation.

Summary generated and translated by AI from the official description.
VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
