VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

Source: The Hacker News
Author: The Hacker News
URL: https://thehackernews.com/2025/03/vmware-security-flaws-exploited-in.html

# ONE SENTENCE SUMMARY:
Broadcom released security updates for actively exploited VMware ESXi, Workstation, and Fusion vulnerabilities that enable code execution and data leaks.

# MAIN POINTS:
1. Broadcom patched three VMware security flaws actively exploited in the wild.
2. CVE-2025-22224 allows code execution via a TOCTOU vulnerability with a CVSS score of 9.3.
3. CVE-2025-22225 enables sandbox escape through an arbitrary write flaw with a CVSS score of 8.2.
4. CVE-2025-22226 causes information disclosure via an out-of-bounds read with a CVSS score of 7.1.
5. Affected products include VMware ESXi, Workstation, Fusion, Cloud Foundation, and Telco Cloud Platform.
6. Fixed versions include ESXi 7.0U3s, ESXi 8.0U3d, Workstation 17.6.3, and Fusion 13.6.3.
7. Microsoft Threat Intelligence Center discovered and reported these vulnerabilities.
8. Broadcom confirmed real-world exploitation but did not disclose attack details or threat actor identities.
9. Users are urged to apply patches immediately for protection against active threats.
10. The vulnerabilities impact virtual machine security, potentially compromising host systems.

# TAKEAWAYS:
1. Organizations using VMware products must urgently apply the latest security patches.
2. Exploited vulnerabilities pose significant risks, including code execution and data leaks.
3. Microsoft played a key role in identifying and reporting these security flaws.
4. Broadcom acknowledged real-world exploitation but withheld specific attack details.
5. Keeping virtualization infrastructure updated is crucial to mitigating security risks.