Broadcom Patches Critical VMware Zero-Day Exploits: Here is a Quick Look.


Broadcom recently addressed three critical zero-day vulnerabilities in VMware products. These vulnerabilities, identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, were actively exploited in attacks. The Microsoft Threat Intelligence Center reported these flaws, which impacted VMware ESX products, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform.


The Vulnerabilities

The first vulnerability, CVE-2025-22224, is a critical-severity VMCI heap overflow vulnerability. It allows local attackers with administrative privileges on the targeted VM to execute code as the VMX process running on the host. The second vulnerability, CVE-2025-22225, is an ESXi arbitrary write vulnerability. It enables the VMX process to trigger arbitrary kernel writes, leading to a sandbox escape. The third vulnerability, CVE-2025-22226, is an HGFS information-disclosure flaw. It allows threat actors with admin permissions to leak memory from the VMX process.

Exploitation in the Wild

Broadcom confirmed that attackers had exploited these vulnerabilities in the wild. They warned that an attacker who had already compromised a virtual machine’s guest OS and gained privileged access (administrator or root) could move into the hypervisor itself. This situation poses a significant risk to organizations using VMware products, as it allows attackers to escape the virtual machine’s sandbox and gain control over the hypervisor.

Impact on VMware Products

The vulnerabilities affected several VMware products, including VMware ESXi, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform. These products are widely used in enterprise operations to store or transfer sensitive corporate data. As a result, the exploitation of these vulnerabilities could have severe consequences for organizations relying on VMware products for their virtualized environments.

Broadcom’s Response

In response to these vulnerabilities, Broadcom released security updates to address the issues. They urged customers to apply the patches immediately to protect their systems from potential attacks. Broadcom also provided additional information and guidance for VMware customers to help them secure their environments.

Conclusion

The discovery and exploitation of these zero-day vulnerabilities highlight the importance of maintaining up-to-date security measures. Organizations must remain vigilant and promptly apply security updates to protect their systems from potential threats. By addressing these vulnerabilities, Broadcom has taken a crucial step in safeguarding VMware products and ensuring the security of their customers’ virtualized environments.

