COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-22225

CVE-2025-22225

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-03-04
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-22225
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.

Players implicated

VMware, Inc. · vendorESXi · product

Description

VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.