CVE-2025-22225: VMware ESXi Arbitrary Write Vulnerability. VMware ESXi
VMware ESXi Arbitrary Write Vulnerability. VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.
- CISA KEV-listed (remediation due 2025-03-25)
- used in ransomware campaigns
- EPSS 9.8% (93.1% percentile)