VMware ESXi
Moderate fix3 remedies
cpe:2.3:a:vmware:vsphere_esxi:*:*:*:*:*:*:*, +2 more
Moderate fix3 remedies
- 8.0
- 7.0
Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
VMware ESXi Arbitrary Write Vulnerability Allowing Sandbox Escape
Vulnerability
Exploited
Patched
A vulnerability allowing arbitrary writes has been identified in VMware ESXi. This issue arises from a flaw that enables a malicious actor with privileges in the VMX process to perform unauthorized writes to the kernel, potentially escaping the sandbox environment. VMware has classified this vulnerability as critical, with a CVSSv3 base score of 8.2.
Impact
Exploitation of this vulnerability could lead to unauthorized kernel writes, allowing a malicious actor to escape the sandbox environment of the virtual machine.
Remediation
Users can apply the patches available in the VMware ESXi 8.0 ESXi80U3d-24585383, VMware ESXi 8.0 ESXi80U2d-24585300, and VMware ESXi 7.0 ESXi70U3s-24585291 updates. Instructions for downloading these patches are available on the VMware TechDocs site.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
6.8impact
10.0exploitability
4.7remediation
7.7relevance
0.0threat
8.2urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.