MS-ISAC consultancy number:
2025-019
Published date (s):
04/03/2025
PREVIEW:
Several vulnerabilities have been discovered in VMware Esxi, Workstation and Fusion could allow the execution of local code. VMware Esxi, Workstation and Fusion are all virtualization products that allow users to execute virtual machines (VM) on their computers. The successful exploitation of this vulnerability could allow the execution of the local code in the context of the administrator account. An attacker could then install programs; Show, modify or delete data; Or create new accounts with complete user rights.
Threat intelligence:
VMware by Broadcom has information to suggest that vulnerability operations have occurred in the wild.
Affected systems:
- VMware ESXi 8.0, 7.0
- VMware Workstation 17.x
- VMware Fusion 13.x
- VMware Cloud Foundation 5.x, 4.5x
- VMware Telco Cloud Platform 5.x, 4.x, 3.x, 2.x
- VMware Telco Cloud Infrastructure 3.x, 2.x
Large and medium government entities
Small government
Large and medium business entities
Small business entities
