What is it?
VMware (now part of Broadcom) is widely used virtualization software that lets several virtual machines run on one physical server; the virtual machines may run different operating systems.
VMware ESXi and Workstation have a flaw (CVE-2025-22224) that lets an attacker who already has administrative access inside one virtual machine break out of it and run code on the host/physical server.
Why is it a risk?
An attacker who exploits this vulnerability can run code on the host/physical server and from there reach every other virtual machine on it, which is exactly the position ransomware operators want: they can encrypt or hold the whole server, not just one VM, for ransom.
The Cyber Security News link below explains in more detail how this classic Time-of-Check, Time-of-Use (TOCTOU) vulnerability works: the host checks a value supplied by the virtual machine, the virtual machine changes it after the check, and the host then uses the changed value.
Broadcom has assigned a severity of CRITICAL to this vulnerability (CVSSv3 base score 9.3) and reported at publication that exploitation had already occurred in the wild.
How can you mitigate the risk?
The Broadcom Support link below shows a Response Matrix (about two-thirds of the way down the page). Find the row for your specific product and version, check whether the installed build is older than the one listed in the "Fixed Version" column, and apply the patch listed there. There is no workaround; patching is the only fix.
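For ESXi hosts, the check above can be scripted against the output of the stock `esxcli system version get` command. The script below is an added example, not Broadcom's tooling or code from the advisory. The three fixed build numbers in it are an assumption of this example (recalled from the advisory's Response Matrix as published) and must be confirmed against the "Fixed Version" column; the sample command outputs are constructed so the script runs offline.

```python
import re

# Minimum fixed build for each ESXi release line listed in the advisory's
# Response Matrix. These numbers are an assumption of this added example
# (recalled from VMSA-2025-0004 as published); confirm them against the
# "Fixed Version" column before relying on the result.
FIXED_BUILDS = {
    "8.0.3": 24585383,  # ESXi 8.0 U3d
    "8.0.2": 24585300,  # ESXi 8.0 U2d
    "7.0.3": 24585291,  # ESXi 7.0 U3s
}


def parse_esxcli_version(text):
    """Extract (version, build) from 'esxcli system version get' output.

    The build line looks like 'Build: Releasebuild-24585383'; only the
    numeric part is compared.
    """
    version = re.search(r"^\s*Version:\s*([\d.]+)", text, re.M)
    build = re.search(r"^\s*Build:\s*(?:Releasebuild-)?(\d+)", text, re.M)
    if version is None or build is None:
        raise ValueError("Version/Build not found in esxcli output")
    return version.group(1), int(build.group(1))


def assess(version, build):
    """Classify a host as 'fixed', 'vulnerable', or 'no_fixed_build_listed'.

    A release line missing from the matrix (an end-of-life 6.x host, or a
    line that must move to a newer update release) is reported separately
    rather than silently treated as safe.
    """
    fixed = FIXED_BUILDS.get(version)
    if fixed is None:
        return "no_fixed_build_listed"
    return "fixed" if build >= fixed else "vulnerable"


def check_host(esxcli_output):
    """Parse and assess one host; returns (version, build, status)."""
    version, build = parse_esxcli_version(esxcli_output)
    return version, build, assess(version, build)


# Constructed sample outputs, shaped like 'esxcli system version get'.
SAMPLE_PATCHED = """\
   Product: VMware ESXi
   Version: 8.0.3
   Build: Releasebuild-24585383
   Update: 3
   Patch: 25
"""

SAMPLE_UNPATCHED = """\
   Product: VMware ESXi
   Version: 8.0.3
   Build: Releasebuild-24414501
   Update: 3
   Patch: 24
"""

SAMPLE_OLD_LINE = """\
   Product: VMware ESXi
   Version: 6.7.0
   Build: Releasebuild-17700523
   Update: 3
   Patch: 161
"""

if __name__ == "__main__":
    # On a real host, replace the samples with the live command output:
    #   subprocess.check_output(["esxcli", "system", "version", "get"], text=True)
    for label, sample in [("patched", SAMPLE_PATCHED),
                          ("unpatched", SAMPLE_UNPATCHED),
                          ("old line", SAMPLE_OLD_LINE)]:
        version, build, status = check_host(sample)
        print(f"{label:10s} ESXi {version} build {build}: {status}")
```

The build number, not the marketing name (U3c, U3d), is what to compare: the version string stays "8.0.3" across the whole 8.0 Update 3 line, so only the build tells you whether the host has the fix. A host whose release line has no entry in the matrix is flagged rather than passed, since the answer there is an upgrade, not "already safe".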
Resources:
Cyber Security News: TOCTOU Vulnerability in VMware ESXi and Workstation Lets Attackers Escape VMs
https://cybersecuritynews.com/vmware-esxi-and-workstation-vulnerabilities/
Broadcom Support Portal: VMSA-2025-0004 (CVE-2025-22224)
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390

