Tuesday , March 4 2025
Broadcom

Broadcom Patches 3 VMware Zero-Days Exploited In Attacks

infosecbulletin 4 minutes ago Alert, Vulnerabilities

Broadcom issued a security alert on Tuesday, warning VMware customers about 3 exploited zero-day vulnerabilities. Vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 affect VMware ESXi, Workstation, and Fusion. Patches have been released for all affected products, but no workarounds are available.

CVE-2025-22224 is a critical VMCI heap overflow vulnerability in VMware ESXi and Workstation. It allows an attacker with local admin rights on a virtual machine to execute code as the VMX process on the host.

Broadcom Patches 3 VMware Zero-Days Exploited In Attacks

By infosecbulletin / Tuesday , March 4 2025
Broadcom issued a security alert on Tuesday, warning VMware customers about 3 exploited zero-day vulnerabilities. Vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226...
Read More
Broadcom Patches 3 VMware Zero-Days Exploited In Attacks

Singapore issues new guidelines for data center and cloud services

By infosecbulletin / Tuesday , March 4 2025
The Infocomm Media Development Authority (IMDA of Singapore unveils advisory guidelines to reduce occurrences of disruptions to cloud services and...
Read More
Singapore issues new guidelines for data center and cloud services

Update Alert!
Google Warns of Critical Android Vulns Under Attack

By infosecbulletin / Tuesday , March 4 2025
Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited, targeted exploitation. These flaws affect...
Read More
Update Alert! Google Warns of Critical Android Vulns Under Attack

CISA adds Cisco and Windows vulns as actively exploited

By infosecbulletin / Tuesday , March 4 2025
CISA has advised US federal agencies to secure their systems against attacks targeting vulnerabilities in Cisco and Windows. Although these...
Read More
CISA adds Cisco and Windows vulns as actively exploited

10 New Vulnerabilities Discovered in MediaTek Chipsets

By infosecbulletin / Monday , March 3 2025
MediaTek has released its March 2025 Product Security Bulletin, which highlights new security vulnerabilities affecting various chipsets in smartphones, tablets,...
Read More
10 New Vulnerabilities Discovered in MediaTek Chipsets

Qualcomm’s March 2025 Security Bulletin Highlights Major Vulns

By infosecbulletin / Monday , March 3 2025
Qualcomm's March 2025 Security Bulletin addresses vulnerabilities in its products, including automotive systems, mobile chipsets, and networking devices. It includes...
Read More
Qualcomm’s March 2025 Security Bulletin Highlights Major Vulns

Cyberattack detected at Polish space agency, minister says

By infosecbulletin / Monday , March 3 2025
On Sunday, Poland Minister for Digitalisation Krzysztof Gawkowski said that Polish cybersecurity services found unauthorized access to the IT infrastructure...
Read More
Cyberattack detected at Polish space agency, minister says

Nearly 12,000 API Keys and Passwords Found in Public Datasets

By infosecbulletin / Monday , March 3 2025
Security researchers found that datasets used by companies to develop large language models included API keys, passwords, and other sensitive...
Read More
Nearly 12,000 API Keys and Passwords Found in Public Datasets

Android Phone’s Unlocked Using Cellebrite’s Zero-day Exploit

By infosecbulletin / Sunday , March 2 2025
Amnesty International’s Security Lab discovered a cyber-espionage campaign in Serbia, where officials used a zero-day exploit from Cellebrite to unlock...
Read More
Android Phone’s Unlocked Using Cellebrite’s Zero-day Exploit

DragonForce Ransomware Targets Saudi Company, 6TB Data Stolen

By infosecbulletin / Saturday , March 1 2025
DragonForce ransomware targets organizations in Saudi Arabia. An attack on a major Riyadh real estate and construction firm led to...
Read More
DragonForce Ransomware Targets Saudi Company, 6TB Data Stolen

CVE-2025-22225 is a high-severity vulnerability in VMware ESXi that enables an attacker with certain privileges in the VMX process to perform an arbitrary kernel write, potentially allowing them to escape the sandbox.

CVE-2025-22226 is a high-severity information disclosure vulnerability in VMware ESXi, Workstation, and Fusion. It results from an out-of-bounds read in the HGFS component, allowing an attacker with admin access to a VM to leak memory from the VMX process.

Broadcom, after acquiring VMware in 2023, noted that exploiting the vulnerabilities requires elevated privileges. This suggests they may have been used in targeted attacks after attackers gained initial access to the victim’s systems.

“This is a situation where an attacker who has already compromised a virtual machine’s guest OS and gained privileged access (administrator or root) could move into the hypervisor itself,” the vendor explained.

Broadcom acknowledges the Microsoft Threat Intelligence Center for reporting these vulnerabilities.

Check Also

Nexus

CVE-2025-20111
Cisco Warns Vulns in Nexus 3000 and 9000 Series Switches

Cisco has warned of a critical vulnerability, CVE-2025-20111, in several Nexus switch models. This flaw …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin