03-12-2025, 03:30 AM
See: https://www.rapid7.com/blog/post/2025/03...-products/
I don't directly deal with our ESXi systems at work, but they were up patching systems tonight for this. A few days late but...NMFP!
- CVE-2025-22224 (CVSS 9.3): A Time-of-Check Time-of-Use (TOCTOU) vulnerability in VMware ESXi and Workstation that can lead to an out-of-bounds write condition. An attacker with local administrative privileges on a virtual machine could exploit this issue to execute code as the virtual machine's VMX process running on the host.
- CVE-2025-22225 (CVSS 8.2): An arbitrary write vulnerability in VMware ESXi that allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.
- CVE-2025-22226 (CVSS 7.1): An information disclosure vulnerability in VMware ESXi, Workstation, and Fusion that arises from an out-of-bounds read in the Host Guest File System (HGFS). An attacker with administrative privileges to a virtual machine could exploit this issue to leak memory from the VMX process.
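The TOCTOU class named in the first CVE, as an added example that is not from the post or from the Rapid7 write-up: a constructed C model of host code that reads a guest-controlled length field twice (once to check it, once to copy with it) next to the single-fetch form that closes the window. The `shared_hdr` struct, `HOST_CAP`, the `racer_fn` hook that stands in for a concurrent guest write, and all sizes are assumptions for illustration, not ESXi's real data structures or the real bug.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed model of a header living in memory the guest can write at any
   time. Hypothetical layout; nothing here is ESXi's actual structure. */
struct shared_hdr {
    volatile uint32_t len;   /* guest-controlled length field */
    uint8_t payload[64];
};

#define HOST_CAP 16u   /* capacity the host-side buffer was validated against */

/* Hook simulating the guest racing the host between check and use. */
typedef void (*racer_fn)(struct shared_hdr *);

/* Vulnerable pattern: len is fetched once for the bounds check and again for
   the memcpy. A concurrent writer can change it in between (TOCTOU), so the
   copy length used is not the one that was validated. */
size_t copy_vulnerable(struct shared_hdr *hdr, uint8_t *dst, racer_fn racer)
{
    if (hdr->len > HOST_CAP)               /* time of check */
        return 0;
    if (racer) racer(hdr);                 /* simulated concurrent guest write */
    memcpy(dst, hdr->payload, hdr->len);   /* time of use: re-reads len */
    return hdr->len;
}

/* Hardened pattern: snapshot the field once into host-private memory,
   validate the snapshot, and use only the snapshot afterwards. */
size_t copy_hardened(struct shared_hdr *hdr, uint8_t *dst, racer_fn racer)
{
    uint32_t len = hdr->len;               /* single fetch */
    if (len > HOST_CAP)
        return 0;
    if (racer) racer(hdr);                 /* the guest write no longer matters */
    memcpy(dst, hdr->payload, len);
    return len;
}

/* Constructed racer: the guest enlarges len right after the check passed. */
static void guest_grows_len(struct shared_hdr *hdr) { hdr->len = 48; }

/* Drivers used by the checks below. dst is deliberately oversized (64 bytes)
   so the demonstration itself stays memory-safe; the defect shows up as a
   copy length larger than HOST_CAP, which in real host code would be an
   out-of-bounds write into a HOST_CAP-sized buffer. */
size_t run_vulnerable(uint32_t initial_len)
{
    struct shared_hdr hdr = { .len = initial_len };
    uint8_t dst[64] = {0};
    memset(hdr.payload, 0x41, sizeof hdr.payload);
    return copy_vulnerable(&hdr, dst, guest_grows_len);
}

size_t run_hardened(uint32_t initial_len)
{
    struct shared_hdr hdr = { .len = initial_len };
    uint8_t dst[64] = {0};
    memset(hdr.payload, 0x41, sizeof hdr.payload);
    return copy_hardened(&hdr, dst, guest_grows_len);
}
```

With an initial length of 8 the vulnerable copy ends up moving 48 bytes, three times the validated capacity, while the hardened copy moves the 8 bytes it checked; when the initial length is already over `HOST_CAP`, both reject it. The fix is the general rule for any field shared with a less trusted domain: copy in once, validate the private copy, and never touch the shared field again on that path.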
