High Threat Security Alert (A25-03-03): Multiple Vulnerabilities in VMware Products


 

Published on: 06 March 2025

  
  

Description:

VMware has published a security advisory to address multiple vulnerabilities in VMware products. The details of patches can be found at:
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

Reports indicate that multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226) in VMware ESXi, Fusion, Workstation, Cloud Foundation and Telco Cloud Platform are being exploited in the wild. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • VMware ESXi
  • VMware Workstation Pro / Player (Workstation)
  • VMware Fusion
  • VMware Cloud Foundation
  • VMware Telco Cloud Platform

 

Impact:

Depending on the vulnerabilities being exploited, a successful exploitation could lead to remote code execution, information disclosure or tampering on the affected system.

 

Recommendation:

Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390
  • https://www.hkcert.org/security-bulletin/vmware-products-multiple-vulnerabilities_20250305
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22224 (to CVE-2024-22226)


Tag: VMware , ESXi , VMware Workstation , VMware Fusion , VMware Cloud Foundation , VMware Telco Cloud Platform
Tags