Main Vulnerability Database Vulnerabilities #VU105279

Permissions, Privileges, and Access Controls in VMware ESXi - CVE-2025-22225

Published: March 4, 2025

Vulnerability identifier: #VU105279

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:A/U:Amber

CVE-ID: CVE-2025-22225

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vendor: VMware, Inc

Affected software:
VMware ESXi

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions. A malicious guest with access to the VMX process can write arbitrary data to kernel and bypass sandbox restrictions.

Note, the vulnerability is being actively exploited in the wild.

How to mitigate CVE-2025-22225

Install updates from vendor's website.

Sources

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

Permissions, Privileges, and Access Controls in VMware ESXi - CVE-2025-22225

Detailed vulnerability description

How to mitigate CVE-2025-22225

Sources

Please verify you're human