CVE-2025-22225
VMware ESXi Arbitrary Write Vulnerability
CVSS
—
Sin CVSS
EPSS
1.0%
p58
KEV
SÍ
4 mar 2025
Exploit Today
67
0-100
Publicado: — · Última mod.: —
Producto
VMware / ESXi
Vulnerabilidad
VMware ESXi Arbitrary Write Vulnerability
Añadido a KEV
4 mar 2025
Remediar antes de
25 mar 2025
Uso conocido en ransomware
Sí
Descripción resumida
VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.
Acción requerida
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notas
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 ; https://nvd.nist.gov/vuln/detail/CVE-2025-22225