CVE-2025-22226

⚠ KEVEPSS 4.2%

VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability

Added to CISA KEV: 3/4/2025

Description

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process.

Affected packages (0)

No package mapping in OSV.