Broadcom has released safety updates to process three active security defects in VMWARE ESXI and the workstation and integration that can lead to the implementation of software instructions and information disclosure.
List of weakness as follows –
CVE-2025-22224 (CVSS Score: 9.3) -A -f Time-Time -f-TRARANSABIICA (TOCTO), can lead to writing a code outside the device, which is ran by a malicious actor with local administrative privileges on the virtual system. Exclusive exposure to writing that a harmful actor can be exploited with privileges in the VMX process to lead to the Escap box
The shortcomings affect the versions below –
Vmware Esxi 8.0 -fixed in Esxi80u3d -24585383, Esxi80U2D -24585300 vmware esxi 7.0 -fixed in Esxi70u3s -24585291 esxi80u3d -24585383 vmware Cloud Foundation 4.X – ASYNC Correction to Esxi70u3s -24585291 vmwar 7.0u3s
In separate common questions, Broadcom acknowledged that she “has information indicating that the exploitation of these issues had occurred” in the wilderness “, but he did not explain the nature of attacks or the identity of the threatening actors who made their weapons.
The virtual simulation provider is attributed to the Microsoft that Intelligence Center to discover and report errors. In light of active exploitation, it is necessary for users to apply the latest corrections for optimal protection.
to update
CISA Security Agency (CISA) has added gaps on zero day to its well -known catalog from the exploited weaknesses (KEV), which requires federal civil agencies to correct by March 25, 2025.
“This is the position that the attacker has already cleared the operating system of the virtual device guest and gained distinctive access (responsible or root) to the transition to Hypervisor himself.”
