Skip to main content
Live Webinar with SANS (June 25)— Agentic CTI Automation for Fun & ProfitRegister Free
Mallory
Back to vulnerabilities
HighCISA KEVExploited in the wildPublic exploit

VMware ESXi VMX sandbox escape via arbitrary kernel write

IdentifiersCVE-2025-22225CWE-123· Write-what-where Condition

CVE-2025-22225 is a VMware ESXi arbitrary write vulnerability in which a malicious actor with privileges within the VMX process can trigger an arbitrary kernel write, resulting in escape from the VMX sandbox to the ESXi kernel. Broadcom/VMware describes the issue as affecting ESXi and enabling a guest-to-host boundary break when the attacker already has the ability to operate in the VMX process context. Reporting in the provided content indicates the flaw has been observed as part of exploit chains with CVE-2025-22226 (HGFS information leak) and CVE-2025-22224 (VMCI memory corruption/code execution as VMX), where the chain leaks VMX memory, corrupts VMX state, and then uses CVE-2025-22225 for final sandbox escape to kernel context. The specific vulnerable function is not identified in the provided material.

Share:
For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial
ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation allows escape from the VMX sandbox into the ESXi kernel, breaking virtual machine isolation and enabling compromise of the underlying hypervisor. In practical terms, this can give an attacker control over the ESXi host from a compromised guest VM or from code executing in the VMX process, with downstream impact including hypervisor takeover, access to other resident VMs, deployment of hypervisor-resident backdoors, data theft, and ransomware deployment across virtualized infrastructure. The content also states CISA confirmed exploitation in ransomware attacks.

Mitigation

If you can’t patch tonight, do this now.

If immediate patching is not possible, reduce exposure by restricting attacker paths to VMX-process compromise and guest-to-host interaction surfaces, minimizing administrative access inside guest VMs, and closely monitoring ESXi hosts for anomalous VMX behavior, unexpected kernel/driver activity, and suspicious VSOCK/VMCI-related activity described in the reporting. Isolate or retire unpatchable systems per CISA/Broadcom guidance. Because exploitation has been reported in chained attacks, defenders should also hunt for indicators associated with HGFS/VMCI abuse and post-escape hypervisor backdoors.

Remediation

Patch, then assume compromise.

Apply Broadcom/VMware security updates released in March 2025 for VMSA-2025-0004 and upgrade affected ESXi installations to vendor-fixed builds. Prioritize patching internet-exposed and production hypervisors, and include any associated products/builds identified by VMware as affected. For environments running end-of-life ESXi versions, migrate to supported releases because fixes may be unavailable. Follow vendor guidance for all three related March 2025 vulnerabilities where applicable, as reporting indicates attackers may chain CVE-2025-22225 with CVE-2025-22224 and CVE-2025-22226.
PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType
BroadcomCloud Foundationapplication
BroadcomEsxioperating_system
BroadcomTelco Cloud Infrastructureapplication
BroadcomTelco Cloud Platformapplication

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

52 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

52 SOURCESView more in app
detectNews
Apr 24, 2026
Analyzing GLOBAL GROUP (BlackLock) Artifacts | by SIMKRA | Apr, 2026 | Detect FYI

A VMware VM escape chain involving HGFS and VMCI interfaces that allows code execution on the hypervisor from a compromised guest VM.

Read more
cyber security newsNews
Feb 8, 2026
Cybersecurity Weekly Newsletter - Notepad++ hack, Office 0-Day, ESXi 0-day Ransomware Attacks and More

A VMware ESXi vulnerability enabling sandbox escape via VMX-related flaws, reported by CISA as exploited in ransomware attacks.

Read more
security affairsNews
Feb 8, 2026
Security Affairs newsletter Round 562 by Pierluigi Paganini - INTERNATIONAL EDITION

A specific vulnerability in VMware ESXi that the newsletter states is being leveraged in active ransomware attacks.

Read more
help net securityNews
Feb 8, 2026
Week in review: Notepad++ supply chain attack details and targets, Patch Tuesday forecast - Help Net Security

A VMware ESXi arbitrary write vulnerability confirmed by CISA as exploited in ransomware campaigns (added to KEV).

Read more
+17 more in the timeline
What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.
Start free trial
Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence4

Every observed campaign linking this CVE to a named adversary.

Associated malware7

Malware families riding this exploit, with evidence and IOCs.

Detection signatures2

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity29

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES
MITRE CVE
cve.org · CVE-2025-22225
NVD
nvd.nist.gov/vuln/detail/CVE-2025-22225
MITRE CWE · CWE-123
Write-what-where Condition
Vendor Advisory
support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390
US Government Resource
cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22225