VMware is vulnerable to VM escape because of Zero-Day flaws!

DarkReading.com reported that “Three zero-day vulnerabilities in VMware products have put tens of thousands of organizations at risk of virtual machine (VM) escapes, which could lead to devastating breaches. According to scanning data from the Shadowserver Foundation, there are more than 41,000 ESXi instances across the globe that are vulnerable to CVE-2025-22224 (CVSS score: 9.3) as of March 6. The bug leads to an out-of-bounds write condition in VMware ESXi and Workstations.” The March 7, 2025 report entitled “Zero-Days Put Tens of 1,000s of Orgs at Risk for VM Escape Attacks” (https://www.darkreading.com/remote-workforce/zero-days-risk-vm-escape-attacks) included these comments:
Scans initially showed more than 41,500 vulnerable instances on March 4 following the disclosure of the vulnerabilities. The countries with the highest number of unpatched ESXi instances are China, France, and the US.
Broadcom disclosed the vulnerabilities on March 4 and warned customers that the flaws could be chained together to achieve a hypervisor or VM escape. “This is a situation where an attacker who has already compromised a virtual machine’s guest OS and gained privileged access (administrator or root) could move into the hypervisor itself,” the company wrote in an FAQ on GitHub.
In addition to CVE-2025-22224, the vulnerabilities include CVE-2025-22225 (CVSS score: 8.2), which is an arbitrary write vulnerability in VMware ESXi; and CVE-2025-22226 (CVSS score: 7.1), an information disclosure vulnerability in VMware ESXi, Workstation, and Fusion.
VERY BAD NEWS!
First published at https://www.vogelitlaw.com/blog/vmware-escape-is-vulnerable-because-of-zero-day-flaws