Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to vmware - telco_cloud_infrastructure

Vulnerability from fkie_nvd

Published

2025-03-04 12:15

Modified

2025-03-05 16:21

Severity ?

8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.

References

▼	URL	Tags
	security@vmware.com	https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390	Vendor Advisory

Impacted products

Vendor	Product	Version
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	cloud_foundation	-
vmware	telco_cloud_infrastructure	2.2
vmware	telco_cloud_infrastructure	2.5
vmware	telco_cloud_infrastructure	2.7
vmware	telco_cloud_infrastructure	3.0
vmware	telco_cloud_platform	2.0
vmware	telco_cloud_platform	2.5
vmware	telco_cloud_platform	2.7
vmware	telco_cloud_platform	3.0
vmware	telco_cloud_platform	4.0
vmware	telco_cloud_platform	4.0.1
vmware	telco_cloud_platform	5.0

JSON

To clipboard

{
   cisaActionDue: "2025-03-25",
   cisaExploitAdd: "2025-03-04",
   cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
   cisaVulnerabilityName: "VMware ESXi Arbitrary Write Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
                     matchCriteriaId: "F030A666-1955-438B-8417-5C294905399F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
                     matchCriteriaId: "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
                     matchCriteriaId: "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
                     matchCriteriaId: "B7619C16-5306-4C4A-88E8-E80876635F66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
                     matchCriteriaId: "238E7AF4-722B-423D-ABB1-424286B06715",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
                     matchCriteriaId: "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
                     matchCriteriaId: "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
                     matchCriteriaId: "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
                     matchCriteriaId: "12D385F0-DB2B-4802-AD0E-31441DA056B9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
                     matchCriteriaId: "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
                     matchCriteriaId: "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
                     matchCriteriaId: "39817170-5C45-4F8A-916D-81B7352055DD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
                     matchCriteriaId: "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
                     matchCriteriaId: "A2F831A7-544E-4B45-BA49-7F7A0234579C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
                     matchCriteriaId: "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
                     matchCriteriaId: "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
                     matchCriteriaId: "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
                     matchCriteriaId: "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
                     matchCriteriaId: "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
                     matchCriteriaId: "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
                     matchCriteriaId: "F965D853-EE4A-41F5-840B-2D009ACC9754",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
                     matchCriteriaId: "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
                     matchCriteriaId: "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
                     matchCriteriaId: "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
                     matchCriteriaId: "DA4E9185-44BA-41E6-8600-C8616E199334",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
                     matchCriteriaId: "F50302BB-B950-4178-A109-358393E0A50A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3q:*:*:*:*:*:*",
                     matchCriteriaId: "BCCA4A31-1291-4FB4-9FA5-D2CCD086D660",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3r:*:*:*:*:*:*",
                     matchCriteriaId: "78604FE5-510F-4979-B2E3-D36B3083224A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
                     matchCriteriaId: "FE44B379-9943-4DD1-8514-26F87482AFA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
                     matchCriteriaId: "2A797377-8945-4D75-AA68-A768855E5842",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
                     matchCriteriaId: "79D84D76-54BE-49E9-905C-7D65B4B42D68",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
                     matchCriteriaId: "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
                     matchCriteriaId: "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
                     matchCriteriaId: "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
                     matchCriteriaId: "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
                     matchCriteriaId: "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
                     matchCriteriaId: "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
                     matchCriteriaId: "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3:*:*:*:*:*:*",
                     matchCriteriaId: "6B701151-1B57-4E2D-A9AB-586FACEA2385",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3b:*:*:*:*:*:*",
                     matchCriteriaId: "4230B9AA-9E0C-4AE2-814D-8DD641394879",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3c:*:*:*:*:*:*",
                     matchCriteriaId: "F2FA150B-93E4-44D2-BF6D-347085A95776",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31A7BB38-3238-413E-9736-F1A165D40867",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E46A694-8698-4283-9E25-01F222B63E9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "59B9476F-E5E7-46B6-AC38-4630D0933462",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A045567-2563-4539-8E95-361087CB7762",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D11103A7-6AB5-4E78-BE11-BC2A04A09F19",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C5F01D7-2675-4D09-B52B-B02D0EF52AEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5F8D61F-6E8B-4EE3-91DE-EBA6FF7D289E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1E94D58-26A0-4E84-8CAD-F8CDB6707642",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC33D39A-5760-467E-8284-F4E5D8082BBD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "448206AA-A023-4AA1-98FD-35BC2A2AB2B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:4.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E30F8-B977-40A5-9E45-89B5C5E59170",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6B84F65-2E52-4445-8F97-2729B84B18E3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.",
      },
      {
         lang: "es",
         value: "VMware ESXi contiene una vulnerabilidad de escritura arbitraria. Un actor malintencionado con privilegios dentro del proceso VMX puede activar una escritura arbitraria en el kernel que provoque un escape del entorno aislado.",
      },
   ],
   id: "CVE-2025-22225",
   lastModified: "2025-03-05T16:21:26.263",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 6,
            source: "security@vmware.com",
            type: "Secondary",
         },
      ],
   },
   published: "2025-03-04T12:15:33.840",
   references: [
      {
         source: "security@vmware.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390",
      },
   ],
   sourceIdentifier: "security@vmware.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-123",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2025-03-04 12:15

Modified

2025-03-05 16:22

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Summary

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

References

▼	URL	Tags
	security@vmware.com	https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390	Vendor Advisory

Impacted products

Vendor	Product	Version
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	cloud_foundation	-
vmware	fusion	*
vmware	telco_cloud_infrastructure	2.2
vmware	telco_cloud_infrastructure	2.5
vmware	telco_cloud_infrastructure	2.7
vmware	telco_cloud_infrastructure	3.0
vmware	telco_cloud_platform	2.0
vmware	telco_cloud_platform	2.5
vmware	telco_cloud_platform	2.7
vmware	telco_cloud_platform	3.0
vmware	telco_cloud_platform	4.0
vmware	telco_cloud_platform	4.0.1
vmware	telco_cloud_platform	5.0
vmware	workstation	*

JSON

To clipboard

{
   cisaActionDue: "2025-03-25",
   cisaExploitAdd: "2025-03-04",
   cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
   cisaVulnerabilityName: "VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
                     matchCriteriaId: "F030A666-1955-438B-8417-5C294905399F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
                     matchCriteriaId: "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
                     matchCriteriaId: "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
                     matchCriteriaId: "B7619C16-5306-4C4A-88E8-E80876635F66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
                     matchCriteriaId: "238E7AF4-722B-423D-ABB1-424286B06715",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
                     matchCriteriaId: "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
                     matchCriteriaId: "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
                     matchCriteriaId: "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
                     matchCriteriaId: "12D385F0-DB2B-4802-AD0E-31441DA056B9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
                     matchCriteriaId: "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
                     matchCriteriaId: "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
                     matchCriteriaId: "39817170-5C45-4F8A-916D-81B7352055DD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
                     matchCriteriaId: "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
                     matchCriteriaId: "A2F831A7-544E-4B45-BA49-7F7A0234579C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
                     matchCriteriaId: "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
                     matchCriteriaId: "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
                     matchCriteriaId: "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
                     matchCriteriaId: "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
                     matchCriteriaId: "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
                     matchCriteriaId: "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
                     matchCriteriaId: "F965D853-EE4A-41F5-840B-2D009ACC9754",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
                     matchCriteriaId: "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
                     matchCriteriaId: "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
                     matchCriteriaId: "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
                     matchCriteriaId: "DA4E9185-44BA-41E6-8600-C8616E199334",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
                     matchCriteriaId: "F50302BB-B950-4178-A109-358393E0A50A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3q:*:*:*:*:*:*",
                     matchCriteriaId: "BCCA4A31-1291-4FB4-9FA5-D2CCD086D660",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3r:*:*:*:*:*:*",
                     matchCriteriaId: "78604FE5-510F-4979-B2E3-D36B3083224A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
                     matchCriteriaId: "FE44B379-9943-4DD1-8514-26F87482AFA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
                     matchCriteriaId: "2A797377-8945-4D75-AA68-A768855E5842",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
                     matchCriteriaId: "79D84D76-54BE-49E9-905C-7D65B4B42D68",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
                     matchCriteriaId: "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
                     matchCriteriaId: "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
                     matchCriteriaId: "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
                     matchCriteriaId: "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
                     matchCriteriaId: "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
                     matchCriteriaId: "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
                     matchCriteriaId: "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3:*:*:*:*:*:*",
                     matchCriteriaId: "6B701151-1B57-4E2D-A9AB-586FACEA2385",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3b:*:*:*:*:*:*",
                     matchCriteriaId: "4230B9AA-9E0C-4AE2-814D-8DD641394879",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3c:*:*:*:*:*:*",
                     matchCriteriaId: "F2FA150B-93E4-44D2-BF6D-347085A95776",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31A7BB38-3238-413E-9736-F1A165D40867",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F76F8A7-6184-4A39-9FA5-2337CC9D4CB1",
                     versionEndExcluding: "13.6.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E46A694-8698-4283-9E25-01F222B63E9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "59B9476F-E5E7-46B6-AC38-4630D0933462",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A045567-2563-4539-8E95-361087CB7762",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D11103A7-6AB5-4E78-BE11-BC2A04A09F19",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C5F01D7-2675-4D09-B52B-B02D0EF52AEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5F8D61F-6E8B-4EE3-91DE-EBA6FF7D289E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1E94D58-26A0-4E84-8CAD-F8CDB6707642",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC33D39A-5760-467E-8284-F4E5D8082BBD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "448206AA-A023-4AA1-98FD-35BC2A2AB2B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:4.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E30F8-B977-40A5-9E45-89B5C5E59170",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6B84F65-2E52-4445-8F97-2729B84B18E3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3124246D-3287-4657-B40D-E7B80A44E7D7",
                     versionEndExcluding: "17.6.3",
                     versionStartIncluding: "17.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.",
      },
      {
         lang: "es",
         value: "VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de divulgación de información debido a una lectura fuera de los límites en HGFS. Un actor malintencionado con privilegios administrativos en una máquina virtual podría aprovechar este problema para filtrar memoria del proceso vmx.",
      },
   ],
   id: "CVE-2025-22226",
   lastModified: "2025-03-05T16:22:52.433",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.5,
            impactScore: 4,
            source: "security@vmware.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "NONE",
               baseScore: 6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2025-03-04T12:15:33.973",
   references: [
      {
         source: "security@vmware.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390",
      },
   ],
   sourceIdentifier: "security@vmware.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd

Published

2025-03-04 12:15

Modified

2025-03-05 16:18

Severity ?

9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

References

▼	URL	Tags
	security@vmware.com	https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390	Vendor Advisory

Impacted products

Vendor	Product	Version
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	7.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	esxi	8.0
vmware	cloud_foundation	-
vmware	telco_cloud_infrastructure	2.2
vmware	telco_cloud_infrastructure	2.5
vmware	telco_cloud_infrastructure	2.7
vmware	telco_cloud_infrastructure	3.0
vmware	telco_cloud_platform	2.0
vmware	telco_cloud_platform	2.5
vmware	telco_cloud_platform	2.7
vmware	telco_cloud_platform	3.0
vmware	telco_cloud_platform	4.0
vmware	telco_cloud_platform	4.0.1
vmware	telco_cloud_platform	5.0
vmware	workstation	*

JSON

To clipboard

{
   cisaActionDue: "2025-03-25",
   cisaExploitAdd: "2025-03-04",
   cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
   cisaVulnerabilityName: "VMware ESXi and Workstation TOCTOU Race Condition Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
                     matchCriteriaId: "F030A666-1955-438B-8417-5C294905399F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
                     matchCriteriaId: "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
                     matchCriteriaId: "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
                     matchCriteriaId: "B7619C16-5306-4C4A-88E8-E80876635F66",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
                     matchCriteriaId: "238E7AF4-722B-423D-ABB1-424286B06715",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
                     matchCriteriaId: "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
                     matchCriteriaId: "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
                     matchCriteriaId: "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
                     matchCriteriaId: "12D385F0-DB2B-4802-AD0E-31441DA056B9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
                     matchCriteriaId: "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
                     matchCriteriaId: "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
                     matchCriteriaId: "39817170-5C45-4F8A-916D-81B7352055DD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
                     matchCriteriaId: "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
                     matchCriteriaId: "A2F831A7-544E-4B45-BA49-7F7A0234579C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
                     matchCriteriaId: "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
                     matchCriteriaId: "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
                     matchCriteriaId: "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
                     matchCriteriaId: "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
                     matchCriteriaId: "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
                     matchCriteriaId: "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
                     matchCriteriaId: "F965D853-EE4A-41F5-840B-2D009ACC9754",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
                     matchCriteriaId: "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
                     matchCriteriaId: "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
                     matchCriteriaId: "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
                     matchCriteriaId: "DA4E9185-44BA-41E6-8600-C8616E199334",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
                     matchCriteriaId: "F50302BB-B950-4178-A109-358393E0A50A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3q:*:*:*:*:*:*",
                     matchCriteriaId: "BCCA4A31-1291-4FB4-9FA5-D2CCD086D660",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:7.0:update_3r:*:*:*:*:*:*",
                     matchCriteriaId: "78604FE5-510F-4979-B2E3-D36B3083224A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
                     matchCriteriaId: "FE44B379-9943-4DD1-8514-26F87482AFA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
                     matchCriteriaId: "2A797377-8945-4D75-AA68-A768855E5842",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
                     matchCriteriaId: "79D84D76-54BE-49E9-905C-7D65B4B42D68",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
                     matchCriteriaId: "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
                     matchCriteriaId: "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
                     matchCriteriaId: "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
                     matchCriteriaId: "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
                     matchCriteriaId: "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
                     matchCriteriaId: "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
                     matchCriteriaId: "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3:*:*:*:*:*:*",
                     matchCriteriaId: "6B701151-1B57-4E2D-A9AB-586FACEA2385",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3b:*:*:*:*:*:*",
                     matchCriteriaId: "4230B9AA-9E0C-4AE2-814D-8DD641394879",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:8.0:update_3c:*:*:*:*:*:*",
                     matchCriteriaId: "F2FA150B-93E4-44D2-BF6D-347085A95776",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31A7BB38-3238-413E-9736-F1A165D40867",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E46A694-8698-4283-9E25-01F222B63E9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "59B9476F-E5E7-46B6-AC38-4630D0933462",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A045567-2563-4539-8E95-361087CB7762",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_infrastructure:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D11103A7-6AB5-4E78-BE11-BC2A04A09F19",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C5F01D7-2675-4D09-B52B-B02D0EF52AEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5F8D61F-6E8B-4EE3-91DE-EBA6FF7D289E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:2.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1E94D58-26A0-4E84-8CAD-F8CDB6707642",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC33D39A-5760-467E-8284-F4E5D8082BBD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "448206AA-A023-4AA1-98FD-35BC2A2AB2B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:4.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E30F8-B977-40A5-9E45-89B5C5E59170",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:telco_cloud_platform:5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6B84F65-2E52-4445-8F97-2729B84B18E3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3124246D-3287-4657-B40D-E7B80A44E7D7",
                     versionEndExcluding: "17.6.3",
                     versionStartIncluding: "17.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.",
      },
      {
         lang: "es",
         value: "VMware ESXi y Workstation contienen una vulnerabilidad TOCTOU (Time-of-Check Time-of-Use) que provoca una escritura fuera de los límites. Un actor malintencionado con privilegios administrativos locales en una máquina virtual puede aprovechar este problema para ejecutar código como el proceso VMX de la máquina virtual que se ejecuta en el host.",
      },
   ],
   id: "CVE-2025-22224",
   lastModified: "2025-03-05T16:18:36.103",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 9.3,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.5,
            impactScore: 6,
            source: "security@vmware.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.5,
            impactScore: 6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2025-03-04T12:15:33.687",
   references: [
      {
         source: "security@vmware.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390",
      },
   ],
   sourceIdentifier: "security@vmware.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-367",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-367",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Primary",
      },
   ],
}