THREAT OPS › CVEs › CVE-2025-22226
CVE-2025-22226 — VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process.
Vulnerability details
- Affected productsESXi, Workstation, and Fusion
- KEV remediation due2025-03-25