CVE-2025-22225
| CVE Published | 2025-03-04 |
|---|---|
| Related CWE(s) | CWE-123: Write-what-where Condition, CWE-787: Out-of-bounds Write |
| Related Vendor(s) | vmware |
| Related Product(s) | esxi, telco_cloud_platform, telco_cloud_infrastructure, cloud_foundation |
| Exploitation Reported (CISA KEV) | 2025-03-04 |
| CVSS 3 Base Score | 8.2 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph