CVE-2025-22225 — VMware ESXi Arbitrary Write Vulnerability

Description

VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.

How to fix CVE-2025-22225

No package mapping is available — consult the references below for vendor-specific guidance.

Is CVE-2025-22225 being exploited?

Yes — CVE-2025-22225 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (0)

No package mapping in OSV.