Broadcom has published a report on the discovery of three critical vulnerabilities in their recently acquired VMWare ESXi product lineup. These vulnerabilities allow attackers with local admin privileges on a virtual machine to execute code on the host, escape sandboxes, and leak memory. They impact various VMware products, with the highest severity enabling hypervisor-level code execution.
VMWare ESXi Flaws Discovered and Exploited
On March 4, 2025, Broadcom disclosed three zero-day vulnerabilities affecting a selection of its products, including VMWare ESXi, Workstation, and others. These vulnerabilities, identified as CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, have been exploited in the wild. Attackers with local administrative privileges on a virtual machine can exploit these vulnerabilities to execute code as the VMX process on the host, escape sandbox restrictions, and leak sensitive memory data. This is potentially leading to hypervisor takeover and broader system compromise.
The vulnerabilities affect multiple versions of VMware ESXi, Workstation Pro/Player, Fusion, VMware Cloud Foundation, and VMware Telco Cloud Platform. CVSSv3 scores range from 7.1 to 9.3, with CVE-2025-22224 being the most severe at 9.3. All three vulnerabilities have been confirmed as actively exploited in the wild.
Technical Details
While all three vulnerabilities require existing privileged access to the target system and cannot be exploited remotely, this does not negate their severity. CVE-2025-22224 is a critical vulnerability in the VMCI (Virtual Machine Communication Interface), which enables communication between guest and host systems in VMware ESXi and Workstation. The CVSSv3 score for this vulnerability is 9.3, indicating its high severity and the relative ease of exploitation for attackers with local admin access. It arises from a heap overflow caused by a time-of-check-to-time-of-use (TOCTOU) race condition, leading to an out-of-bounds write.
An attacker with local administrative privileges on a virtual machine can exploit this flaw to execute arbitrary code as the VMX process on the host, effectively breaking out of the VM’s isolation. This poses a severe risk, potentially allowing full system compromise, including access to other virtual machines and the underlying hypervisor. Exploitation has been confirmed in real-world attacks, with reports from the Microsoft Threat Intelligence Center detailing active use in the wild.
Another vulnerability is CVE-2025-22225, a critical vulnerability, that affecting the VMX process in VMware ESXi, a core component of virtual machine execution. With a CVSSv3 score of 8.2, this vulnerability is considered highly severe due to the potential for privilege escalation. It allows an arbitrary kernel write, enabling an attacker with privileges within the VMX process to manipulate kernel memory and escape the sandbox.
Bypassing security restrictions in this way can grant higher privileges or even code execution on the host, making sandbox escape a serious threat. An attacker moving from a compromised virtual machine to the host significantly expands their attack capabilities. It is also actively exploited in the wild, and no known workarounds exist.
The last one, CVE-2025-22226, is an information-disclosure vulnerability in the Host Guest File System (HGFS). The vulnerability facilitates file sharing between host and guest systems in VMware ESXi, Workstation, and Fusion. With a CVSSv3 score of 7.1, this issue is rated as important, primarily due to its focus on data leakage rather than direct code execution. It results from an out-of-bounds read, allowing an attacker with administrative privileges on a virtual machine to leak memory from the VMX process.
This vulnerability can expose sensitive data, such as encryption keys or passwords, stored in memory. Such leaks can be leveraged for further attacks, including credential theft and data exfiltration, compromising system confidentiality. It is actively exploited in the wild, with confirmed reports detailing its use in real-world attacks.
Broadcom Fixes VMWare ESXi Flaws
Broadcom, the parent company overseeing VMware, has responded swiftly to these vulnerabilities by releasing patches and providing support resources. Updated versions have been made available for all affected products. VMware ESXi 8.0 has been patched with version ESXi80U3d-24585383, with release notes accessible at Broadcom’s website. VMware Workstation 17.x has been updated to version 17.6.3, with downloads available for both Windows and Linux. VMware Fusion 13.x has also received an update to version 13.6.3.
There are no workarounds for these vulnerabilities, making patching the only viable mitigation. For VMware Cloud Foundation and Telco Cloud Platform, updates are applied asynchronously, requiring users to install the latest ESXi patches.
