Zero-Days Put Tens of 1,000s of Orgs at Risk for VM Escape Attacks

Summary: Three critical zero-day vulnerabilities in VMware products have been identified, exposing over 41,000 ESXi instances globally to potential virtual machine escapes. The vulnerabilities, disclosed by Broadcom, could allow attackers who have already gained administrator privileges on a VM to break out to the hypervisor and compromise other VMs. Organizations are urged to apply patches immediately to mitigate this serious security risk.

Affected: VMware ESXi

Key points:

  • Vulnerabilities include CVE-2025-22224 (CVSS 9.3), CVE-2025-22225 (CVSS 8.2), and CVE-2025-22226 (CVSS 7.1).
  • Exploitation requires chaining all three vulnerabilities and prior admin access on the VM.
  • The flaws could allow attackers to breach multiple customer environments hosted on the same cloud infrastructure.
  • Detecting attacks may be challenging because security defenses lack visibility in virtual environments.
  • Historical precedents show ESXi is a favored target for attackers, emphasizing the urgency of patching.

Source: https://www.darkreading.com/remote-workforce/zero-days-risk-vm-escape-attacks