Vmware Esxi vulnerabilities

CVE-2025-41236 [CRITICAL] CWE-787 CVE-2025-41236: VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtua VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.

CVE-2025-41238 [CRITICAL] CWE-787 CVE-2025-41238: VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtua VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the ex

CVE-2025-41237 [CRITICAL] CWE-787 CVE-2025-41237: VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communica VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitat

CVE-2025-41239 [HIGH] CWE-908 CVE-2025-41239: VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.

CVE-2025-41228 [MEDIUM] CWE-79 CVE-2025-41228: VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to imprope VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.

CVE-2025-41226 [MEDIUM] CWE-400 CVE-2025-41226: VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled

CVE-2025-41227 [MEDIUM] CWE-400 CVE-2025-41227: VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.

CVE-2025-22224 [CRITICAL] CWE-367 CVE-2025-22224: VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads t VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

CVE-2025-22225 [HIGH] CWE-787 CVE-2025-22225: VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.

CVE-2025-22226 [HIGH] CWE-125 CVE-2025-22226: VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-o VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

CVE-2024-37085 [MEDIUM] CWE-287 CVE-2024-37085: VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Activ VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD gro

CVE-2024-37086 [MEDIUM] CWE-125 CVE-2024-37086: VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrati VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the host.

CVE-2024-22273 [HIGH] CWE-125 CVE-2024-22273: The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulner The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.

CVE-2024-22255 [HIGH] CWE-770 CVE-2024-22255: VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

CVE-2024-22254 [HIGH] CWE-787 CVE-2024-22254: VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.

CVE-2024-22253 [CRITICAL] CWE-416 CVE-2024-22253: VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controll VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, o

CVE-2024-22252 [CRITICAL] CWE-416 CVE-2024-22252: VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controll VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, o

CVE-2023-29552 [HIGH] CVE-2023-29552: The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.

CVE-2022-31705 [HIGH] CWE-787 CVE-2022-31705: VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbo

CVE-2022-31696 [HIGH] CWE-787 CVE-2022-31696: VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network s VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.