CSOonline

VMware plugs a high-risk vulnerability affecting its Windows-based virtualization

Broadcom is warning customers of a high-severity, authentication bypass flaw, now fixed, affecting VMWare Tools for Windows. Tracked as CVE-2025-22230, the issue stems from improper access control and ...
TechRepublic

Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication

CVE-2025-22230 is described as an “authentication bypass vulnerability” by Broadcom, allowing hackers to perform high-privilege operations without the necessary credentials. If you use VMware Tools ...
Ars Technica

Threat posed by new VMware hyperjacking vulnerabilities is hard to overstate

Three critical vulnerabilities in multiple virtual-machine products from VMware can give hackers unusually broad access to some of the most sensitive environments inside multiple customers’ networks, ...
SDxCentral

VMware Fixes Critical Remote Code Execution Bug in vCenter Server

Remote code execution vulnerabilities pose especially critical threats to organizations, and VMware’s stronghold in data centers worldwide give patching these flaws particular urgency. VMware fixed ...
Infosecurity-magazine.com

VMware Warns Customers to Patch Actively Exploited Zero-Day Vulnerabilities

VMware has issued a critical security advisory, warning customers that three zero-day vulnerabilities are being actively exploited in the wild. The vulnerabilities range from important to severe in ...
CSOonline

Threat actors could retrieve valid usernames from VMware by exploiting vulnerabilities

Three new vulnerabilities have been found in critical VMware products, including two that could be used to recover usernames. The trio of holes, two of which were found by the US National Security ...