Friday, May 23, 2025
HomeCVE/vulnerabilityVMware Critical Flaws Let Attackers Execute Remote Code

VMware Critical Flaws Let Attackers Execute Remote Code

Published on

SIEM as a Service

Follow Us on Google News

Vulnerabilities in VMware software expose it to remote execution of code by threat actors due to critical defects. 

These are found in different parts of the virtualization platform, management interfaces, and other related tools, making the flaw latent. 

This can enable them to gain higher access levels, thereby running malicious codes from afar on computers affected through successful exploitation.

- Advertisement - Google News

Multiple vulnerabilities were privately reported to VMware recently in VMware ESXi, Workstation, and Fusion.

As a result, VMware patched the critical flaws in ESXi, Workstation, and Fusion after private disclosure. Combining multiple important vulnerabilities escalates severity.

Document
Integrate ANY.RUN in your company for Effective Malware Analysis

Are you from SOC and DFIR teams? – Join With 400,000 independent Researchers

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
  • If you want to test all these features now with completely free access to the sandbox: ..


Vulnerabilities

Here below, we have mentioned all the vulnerabilities:-

  • CVE-2024-22252 (CVSSv3 base score of 9.3): Use-after-free vulnerability in XHCI USB controller
  • CVE-2024-22253 (CVSSv3 base score of 9.3): Use-after-free vulnerability in UHCI USB controller
  • CVE-2024-22254 (CVSSv3 base score of 7.9): ESXi Out-of-bounds write vulnerability
  • CVE-2024-22255 (CVSSv3 base score of 7.1): Information disclosure vulnerability in UHCI USB controller

Products Impacted

Here below, we have mentioned all the products that are impacted:-

  • VMware ESXi
  • VMware Workstation Pro / Player (Workstation)
  • VMware Fusion Pro / Fusion (Fusion)
  • VMware Cloud Foundation (Cloud Foundation)

The vulnerability (CVE-2024-22252) allows code execution from VM in VMware products.

While the VMware XHCI USB flaw (CVE-2024-22253) is critical for Workstation/Fusion, but important for ESXi.

UHCI USB bug also impacts VMware products as well and enables code execution. Out-of-bounds write flaw (CVE-2024-22254) in ESXi risks VMX sandbox escape.

Memory leak possible via UHCI USB flaw (CVE-2024-22255) across VMware lineup.

Broadcom released critical patches for severe vulnerabilities in ESXi 6.7, 6.5, and VCF 3.x. Additional patches are available for ESXi 8.0 U1.

If not updating to ESXi 8.0 Update 2b, use 8.0 Update 1d for security fixes.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

TAG-110 Hackers Deploy Malicious Word Templates in Targeted Attacks

The Russia-aligned threat actor TAG-110, also linked to UAC-0063 and APT28 (BlueDelta) with medium...

Winos 4.0 Malware Masquerades as VPN and QQBrowser to Target Users

A sophisticated malware campaign deploying Winos 4.0, a memory-resident stager, has been uncovered by...

NETGEAR Router Flaw Allows Full Admin Access by Attackers

A severe authentication bypass vulnerability (CVE-2025-4978) has been uncovered in NETGEAR’s DGND3700v2 wireless routers,...

Operation Endgame Crushes DanaBot Malware, Shuts Down 150 C2 Servers and Halts 1,000 Daily Attacks

Operation Endgame II has delivered a devastating strike against DanaBot, a notorious malware that...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

TAG-110 Hackers Deploy Malicious Word Templates in Targeted Attacks

The Russia-aligned threat actor TAG-110, also linked to UAC-0063 and APT28 (BlueDelta) with medium...

Winos 4.0 Malware Masquerades as VPN and QQBrowser to Target Users

A sophisticated malware campaign deploying Winos 4.0, a memory-resident stager, has been uncovered by...

NETGEAR Router Flaw Allows Full Admin Access by Attackers

A severe authentication bypass vulnerability (CVE-2025-4978) has been uncovered in NETGEAR’s DGND3700v2 wireless routers,...