CISA confirms exploitation of VMware ESXi flaw by ransomware attackers

2026-02-05 18:02

CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in its Known Exploited Vulnerabilities (KEV) catalog. Researchers linked VMware ESXi zero-day trio to single exploit toolkit Broadcom fixed CVE-2025-22225, CVE-2025-22224 (a heap overflow vulnerability) and CVE-2025-22226 (an information disclosure flaw) in VMware ESXi, Workstation, and Fusion in early March 2025. At the time of their disclosure, Broadcom said that they have information … More →

The post CISA confirms exploitation of VMware ESXi flaw by ransomware attackers appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article:

CISA confirms exploitation of VMware ESXi flaw by ransomware attackers

← Data breach at govtech giant Conduent balloons, affecting millions more Americans

Betterment breach may expose 1.4M users after social engineering attack →

CISA confirms exploitation of VMware ESXi flaw by ransomware attackers

Read the original article:

Like this:

Related

Read the original article:

Share this:

Like this:

Related

Post navigation