VMware security advisory (AV25-114)

Serial number: AV25-114
Date: March 4, 2025

On March 4, 2025, VMware released a security advisory to address vulnerabilities in the following products:

• VMware ESXi – versions 8.0 and 7.0
• VMware Workstation – version 17.x
• VMware Fusion – version 13.x
• VMware Cloud Foundation – versions 5.x and 4.5.x
• VMware Telco Cloud Platform – versions 5.x, 4.x, 3.x, 2.x
• VMware Telco Cloud Infrastructure – versions 3.x, 2.x

VMware is aware that an exploit for CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 exists in the wild.

The Cyber Centre encourages users and administrators to review the provided web links and perform the suggested mitigations.

• VMSA-2025-0004: VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)
• Security Advisories - VMware Cloud Foundation