<ul><li>Broadcom released emergency updates addressing vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 affecting VMware products.</li><li>The exploited CVE-2025-22224 enables virtual machine escape and direct code execution on ESX hypervisor.</li><li>Vulnerabilities affect various VMware products, potentially impacting more than 41,000 ESXi servers globally.</li><li>The most severe CVE-2025-22224 vulnerability in VMware ESXi allows code execution on the host.</li><li>CVE-2025-22225 permits arbitrary kernel write while CVE-2025-22226 allows information disclosure.</li><li>Exploitation requires administrative privileges on compromised virtual machines.</li><li>Attack scenarios involve compromising a single virtual machine to seize control of the computing cluster.</li><li>Recommendations include promptly updating VMware products and leveraging tools like vMotion for patch deployment.</li><li>Organizations should review settings, properly segment VMware infrastructures, and utilize cloud security tools.</li><li>Having an EDR agent installed on virtual machines is crucial for detection and prevention of initial infections.</li></ul>

Update your VMware ESXi products now | Kaspersky official blog

Discover more