Security News > 2025 > March > VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
2025-03-04 14:13

Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows - CVE-2025-22224 (CVSS score: 9.3) - A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with


News URL

https://thehackernews.com/2025/03/vmware-security-flaws-exploited-in.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2025-03-04 CVE-2025-22224 Unspecified vulnerability in VMWare products
VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
local
low complexity
vmware
8.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 148 11 224 258 101 594