Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

Home News
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Critical VMware Vulnerabilities (9.3)

WyvernCoWyvernCo Member
in News

Newest vulnerabilities allow code running inside a VM to escape the sandbox and access the hypervisor.

A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

  • CVE-2025-22224, a heap overflow in the Virtual Machine Communication Interface, with a severity rating of 9.3 out of a possible 10
  • CVE-2025-22225, an arbitrary write vulnerability, with a severity of 8.2
  • CVE-2025-22226, an information-disclosure vulnerability in the host-guest file system, with a severity of 7.1

VMware warned Tuesday that it has evidence suggesting the vulnerabilities are already under active exploitation in the wild.

https://arstechnica.com/security/2025/03/vmware-patches-3-critical-vulnerabilities-in-multiple-product-lines/

Sign In or Register to comment.