ESX Virtualization

VMware ESXi, vSphere, VMware Backup, Hyper-V... how-to, videos....

Nakivo Backup and Replication - #1 Backup solution for Virtual, physical, cloud, NAS and SaaS

Vulnerability in your VMs – VMware Tools Update

By | Last Updated:

Shares

Recent news about vulnerabilities siting quietly inside our VMware VMs is rather worrying. What if, attacker was going to hack our infrastructure from inside of our VMs? And what if not only Windows VMs, but also Linux VMs were affected? VMware Tools Update is important as your ESXi patch update. This vulnerability is labeled as CVE-2025-22247. I'm back to report on this my friends. I took a couple of days off, being on other projects other than IT or virtualization, but now I'm slowly getting back to my keyboard -:). So, let's talk about vulnerabilities!

As being said, the latest vulnerability is present in VMware tools, but the open-source implementation, open-vm-tools, is also affected. As you know, open-vm-tools are the native Linux alternative to VMware tools for Linux. We have blogged about it a very very long time ago. As such, the recent vulnerability is also affecting your VMs that are using open-vm-tools.

There is now known vulnerability discovered by Sergey Bliznyuk from Positive Technologies and this vulnerability allows attackers with non-admin rights on Guest VM to tamper the local files to trigger insecure file operations within that VM.

The latest update from VMware/Broadcom

Description:
VMware Tools contains an insecure file handling vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.1.

Known Attack Vectors:
A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM.

Resolution:
To remediate CVE-2025-22247 apply the patches listed in the ‘Fixed Version' column of the ‘Response Matrix' found below.

Workarounds:
None

Additional Documentation:
None

Acknowledgements:
VMware would like to thank Sergey Bliznyuk of Positive Technologies for reporting this issue to us.

Where to get the fixes from?

You can go to this page at Broadcom.com website here. There are all the informations you need.

Fixed Version(s) and Release Notes:

VMware Tools 12.5.2

Downloads and Documentation:

Final Words

The fixed VMware Tools version is labeled 12.5.2. Broadcom said that Linux vendors will distribute the updates for users, and fixed versions may differ depending on the Linux distribution version and the distribution vendor.

As you can see, the regular check on the latest vulnerabilities is a must. More and more often, the vulnerabilities are discovered and solutions are provided. However, hacker never sleeps so they also uses zero day vulnerabilities for which there aren't any patches, because they were not reported. However, the vast majority of hacks happens because IT managers do not patch their infrastructure often enough and if they do, they do not patch everything. Please make sure that your VMware tools are up-to-date!

 

More posts from ESX Virtualization:

Stay tuned through RSS, and social media channels (TwitterFBYouTube)

5/5 - (1 vote)
Shares

About Vladan SEGET

This website is maintained by Vladan SEGET. Vladan is as an Independent consultant, professional blogger, vExpert x17, Veeam Vanguard x11, VCAP-DCA/DCD, ESX Virtualization site has started as a simple bookmarking site, but quickly found a large following of readers and subscribers.

Connect on: Facebook. Feel free to network via Twitter @vladan.

Leave a Reply

Your email address will not be published. Required fields are marked *