CVE-2025-22225
HIGH KEV RANSOMWAREVMware ESXi - Privilege Escalation
Title source: llmDescription
VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
Scores
CVSS v3
8.2
EPSS
0.0998
EPSS Percentile
93.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Details
CISA KEV
2025-03-04
VulnCheck KEV
2025-03-04
ENISA EUVD
EUVD-2025-7604
Ransomware Use
Confirmed
CWE
CWE-123
CWE-787
Status
published
Products (9)
vmware/cloud_foundation
vmware/esxi
7.0 (29 CPE variants)
vmware/esxi
8.0 (14 CPE variants)
vmware/telco_cloud_infrastructure
2.2
vmware/telco_cloud_infrastructure
2.5
vmware/telco_cloud_infrastructure
2.7
vmware/telco_cloud_infrastructure
3.0
vmware/telco_cloud_platform
2.0
vmware/telco_cloud_platform
2.5
Published
Mar 04, 2025
KEV Added
Mar 04, 2025
Tracked Since
Feb 18, 2026