VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HVMware Cloud Foundation
APPVmwarewszystkie wersjeVMware ESXi
OSVmware7.08.0VMware Telco Cloud Infrastructure
APPVmware2.22.52.73.0VMware Telco Cloud Platform
APPVmware2.02.52.73.04.04.0.15.0
CISA KEV — detailsi
- Vendori
- VMware ↗
- Producti
- ESXi
- Added to KEVi
- March 4, 2025
- Remediation deadline (US Federal)i
- March 25, 2025(overdue)
- Ransomwarei
- Active ransomware campaigns exploit this vulnerability
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.
Related vulnerabilities
VMware ESXi/Workstation: TOCTOU umożliwia ucieczkę z VM przez VMX process
VMware vCenter Server — heap-overflow w DCERPC umożliwia RCE
Heap overflow w VMware vCenter Server via protokół DCERPC — RCE
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor...