{"id":2492,"date":"2025-03-26T11:57:42","date_gmt":"2025-03-26T11:57:42","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=2492"},"modified":"2025-03-26T11:57:42","modified_gmt":"2025-03-26T11:57:42","slug":"vmware-plugs-a-high-risk-vulnerability-affecting-its-windows-based-virtualization","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=2492","title":{"rendered":"VMware plugs a high-risk vulnerability affecting its Windows-based virtualization"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Broadcom is warning customers of a high-severity authentication bypass flaw, now fixed, affecting VMware Tools for Windows.<\/p>\n<p>Tracked as CVE-2025-22230, the issue stems from improper access control and could allow privilege escalation on the affected system.<\/p>\n<p>\u201cAn authentication bypass vulnerability in VMware Tools for Windows was privately reported to VMware,\u201d said Broadcom in a security advisory. \u201cUpdates are available to remediate this vulnerability in the affected VMware products.\u201d<\/p>\n<p>VMware Tools for Windows is a suite of utilities designed to improve the performance and functionality of Windows-based virtual machines (VMs) running on VMware-based hypervisors.<\/p>\n<h2 class=\"wp-block-heading\">A high-risk vulnerability<\/h2>\n<p>The flaw is assigned a high-severity CVSS rating with a base score of 7.8 out of 10. 
It is rated in the high-severity range because it can be exploited in low-complexity attacks without any user interaction.<\/p>\n<p>\u201cA malicious actor with non-administrative privileges on a guest VM may gain the ability to perform certain high privilege operations within that VM,\u201d Broadcom said in a <a href=\"https:\/\/support.broadcom.com\/web\/ecx\/support-content-notification\/-\/external\/content\/SecurityAdvisories\/0\/25518\">security advisory<\/a>.<\/p>\n<p>While Broadcom did not mention the exact privileges obtainable from a successful exploit, common risks associated with admin\/root-level privileges on vulnerable VMs include <a href=\"https:\/\/www.csoonline.com\/article\/551717\/vmware-patches-virtual-machine-escape-issue-on-windows.html\">escaping the VM<\/a> to attack the host, moving <a href=\"https:\/\/knowledge.broadcom.com\/external\/article\/302535\/vmware-overview-of-l1-terminal-fault-l1t.html\">laterally to other VMs<\/a>, and creating and <a href=\"https:\/\/www.csoonline.com\/article\/567525\/hardware-and-firmware-vulnerabilities-a-guide-to-the-threats.html\">controlling rogue VMs<\/a>.<\/p>\n<p>The vulnerability was reported to VMware by Sergey Bliznyuk of Positive Technologies.<\/p>\n<h2 class=\"wp-block-heading\">Patching is the only workaround<\/h2>\n<p>Broadcom\u2019s advisory noted that the flaw does not have any workarounds and that customers must apply the patches rolled out on Tuesday to defend against exploitation.<\/p>\n<p>Affected products include all 11.x and 12.x versions of VMware Tools for Windows, and are patched in the 12.5.1 rollout. 
VMware Tools for Linux and macOS remain unaffected, and customers using them do not need to do anything.<\/p>\n<p>Earlier this month, VMware <a href=\"https:\/\/www.csoonline.com\/article\/3837874\/vmware-esxi-gets-critical-patches-for-in-the-wild-virtual-machine-escape-attack.html\">plugged three critical vulnerabilities<\/a> affecting its VMware ESXi, Workstation, and Fusion products that were being actively exploited in the wild by attackers. VMware products are an attractive target for threat actors due to their extensive use in enterprise IT, cloud computing, and data centers. Exploitation can grant attackers privileged access, disrupt critical services, and facilitate lateral movement within virtualized environments.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Broadcom is warning customers of a high-severity authentication bypass flaw, now fixed, affecting VMware Tools for Windows. Tracked as CVE-2025-22230, the issue stems from improper access control and could allow privilege escalation on the affected system. 
\u201cAn authentication bypass vulnerability in VMware Tools for Windows was privately reported to VMware,\u201d said Broadcom in a security [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":2493,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-2492","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2492"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2492"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2492\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/2493"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}