CVE-2025-22224

VMware ESXi, and Workstationcontain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write.A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
TOCTOU
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 CRITICAL
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
vmwareCNA
9.3 CRITICAL
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
vmwareesxi
7.0
vmwareesxi
7.0:beta
vmwareesxi
7.0:update_1
vmwareesxi
7.0:update_1a
vmwareesxi
7.0:update_1b
vmwareesxi
7.0:update_1c
vmwareesxi
7.0:update_1d
vmwareesxi
7.0:update_1e
vmwareesxi
7.0:update_2
vmwareesxi
7.0:update_2a
vmwareesxi
7.0:update_2c
vmwareesxi
7.0:update_2d
vmwareesxi
7.0:update_2e
vmwareesxi
7.0:update_3
vmwareesxi
7.0:update_3c
vmwareesxi
7.0:update_3d
vmwareesxi
7.0:update_3e
vmwareesxi
7.0:update_3f
vmwareesxi
7.0:update_3g
vmwareesxi
7.0:update_3i
vmwareesxi
7.0:update_3j
vmwareesxi
7.0:update_3k
vmwareesxi
7.0:update_3l
vmwareesxi
7.0:update_3m
vmwareesxi
7.0:update_3n
vmwareesxi
7.0:update_3o
vmwareesxi
7.0:update_3p
vmwareesxi
7.0:update_3q
vmwareesxi
7.0:update_3r
vmwareesxi
8.0
vmwareesxi
8.0:a
vmwareesxi
8.0:b
vmwareesxi
8.0:c
vmwareesxi
8.0:update_1
vmwareesxi
8.0:update_1a
vmwareesxi
8.0:update_1c
vmwareesxi
8.0:update_1d
vmwareesxi
8.0:update_2
vmwareesxi
8.0:update_2b
vmwareesxi
8.0:update_2c
vmwareesxi
8.0:update_3
vmwareesxi
8.0:update_3b
vmwareesxi
8.0:update_3c
vmwarecloud_foundation
-
vmwaretelco_cloud_infrastructure
2.2
vmwaretelco_cloud_infrastructure
2.5
vmwaretelco_cloud_infrastructure
2.7
vmwaretelco_cloud_infrastructure
3.0
vmwaretelco_cloud_platform
2.0
vmwaretelco_cloud_platform
2.5
vmwaretelco_cloud_platform
2.7
vmwaretelco_cloud_platform
3.0
vmwaretelco_cloud_platform
4.0
vmwaretelco_cloud_platform
4.0.1
vmwaretelco_cloud_platform
5.0
vmwareworkstation
17.0 ≤
𝑥
< 17.6.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22224