What is the severity of CVE-2025-22226?

CVE-2025-22226 is considered a critical vulnerability that can lead to information disclosure.

How do I fix CVE-2025-22226?

To mitigate CVE-2025-22226, update to the latest patched version of VMware ESXi, Workstation, or Fusion as recommended by VMware.

Who is affected by CVE-2025-22226?

CVE-2025-22226 affects users of VMware ESXi, Workstation, and Fusion who have administrative privileges to a virtual machine.

What type of vulnerability is CVE-2025-22226?

CVE-2025-22226 is an information disclosure vulnerability caused by an out-of-bounds read in the HGFS component.

Can CVE-2025-22226 be exploited remotely?

No, CVE-2025-22226 requires administrative access to a vulnerable virtual machine for exploitation.

Vulnerability/
CVE-2025-22226

Exploited

high

7.1

4/3/2025

CVE-2025-22226

First published: Tue Mar 04 2025(Updated: )

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

Credit: security@vmware.com

Affected Software	Affected Version	How to fix
VMware ESXi
VMware Workstation
VMware Fusion Pro

Never miss a vulnerability like this again

Reference Links

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the severity of CVE-2025-22226?
CVE-2025-22226 is considered a critical vulnerability that can lead to information disclosure.
How do I fix CVE-2025-22226?
To mitigate CVE-2025-22226, update to the latest patched version of VMware ESXi, Workstation, or Fusion as recommended by VMware.
Who is affected by CVE-2025-22226?
CVE-2025-22226 affects users of VMware ESXi, Workstation, and Fusion who have administrative privileges to a virtual machine.
What type of vulnerability is CVE-2025-22226?
CVE-2025-22226 is an information disclosure vulnerability caused by an out-of-bounds read in the HGFS component.
Can CVE-2025-22226 be exploited remotely?
No, CVE-2025-22226 requires administrative access to a vulnerable virtual machine for exploitation.

collector/mitre-cve
source/MITRE
agent/description
agent/first-publish-date
agent/type
agent/guess-ai
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-api
source/NVD
agent/author
agent/last-modified-date
collector/bleeping-computer
source/BleepingComputer
alias/CVE-2025-22224
alias/CVE-2025-22225
alias/CVE-2025-22226
alias/CVE-2024-38813
alias/CVE-2024-38812
alias/CVE-2023-34048
agent/news-ai
zeroday/true
exploited/true
agent/references
agent/severity
agent/source
agent/tags
agent/event
agent/trending
vendor/vmware
canonical/vmware esxi
canonical/vmware workstation
canonical/vmware fusion pro

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.