← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-22226 — Actively Exploited: ESXi, Workstation, and Fusion (VMware)

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process.

CVE IDCVE-2025-22226
VendorVMware
ProductESXi, Workstation, and Fusion
Vulnerability nameVMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability
Date added2025-03-04
Remediation due2025-03-25
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionVMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →