VMware ESXi, Workstation, and Fusion Vulnerabilities Added to CISA KEV (CVE-2025-22224, CVE-2025-22225, & CVE-2025-22226)

Broadcom released a security advisory to address three vulnerabilities impacting VMware ESXi, Workstation, and Fusion. Tracked as CVE-2025-22224, CVE-2025-22225, & CVE-2025-22226, the vulnerabilities are being exploited in the wild. Security researchers at Microsoft Threat Intelligence Center discovered and reported the vulnerabilities to Broadcom. CISA added the vulnerabilities to its Known Exploited Vulnerabilities Catalog, urging users … Continue reading “VMware ESXi, Workstation, and Fusion Vulnerabilities Added to CISA KEV (CVE-2025-22224, CVE-2025-22225, & CVE-2025-22226)”

VMware Patches Critical Vulnerabilities in Workstation and Fusion (CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, & CVE-2024-22270)

VMware has released a security advisory to address four vulnerabilities impacting VMware Workstation Pro / Player and VMware Fusion. The vulnerabilities are tracked as CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, and CVE-2024-22270. CVE-2024-22267, CVE-2024-22269, & CVE-2024-22270, were exploited in the Pwn2Own 2024 Security Contest.

VMware Workstation and VMware Fusion Zero-day Vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, & CVE-2023-20872)

VMware has released a security advisory to address four vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, & CVE-2023-20872). Out of this, two vulnerabilities can be chained to perform remote code execution on the vulnerable Workstation and Fusion software hypervisors.  On the second day of the Pwn2Own Vancouver 2023 hacking competition, the security researchers from the STAR Labs team … Continue reading “VMware Workstation and VMware Fusion Zero-day Vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, & CVE-2023-20872)”