New VMware Tools Vulnerability Allows Attackers to Tamper with Virtual Machines, Broadcom Issues Urgent Patch (CVE-2025-22247)
VMware has addressed a moderate-severity vulnerability (CVE-2025-22247) in VMware Tools, affecting versions 11.x.x and 12.x.x on Windows and Linux systems. The flaw, with a CVSS score of 6.1, allows non-administrative users to manipulate files within guest virtual machines, potentially leading to privilege escalation or file tampering in multi-user environments. Broadcom, which now owns VMware, has released version 12.5.2 to mitigate the issue, emphasizing the importance of immediate patching as no workarounds exist. The vulnerability was responsibly reported by Sergey Bliznyuk of Positive Technologies, and while no exploitation has been observed in the wild, organizations are urged to prioritize updating their virtual infrastructure tools. Linux users can obtain updates through their distribution vendors, and the open-source counterpart, open-vm-tools, is also affected and patched accordingly.
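A version triage for the ranges above, as an added example that is not from Broadcom or the original article. It assumes each guest's `vmware-toolbox-cmd -v` output has been collected into one line per host; the hostnames, build numbers, inventory layout and status labels are constructed. Linux guests below 12.5.2 are marked for a vendor check rather than as affected, because distribution packages may carry the fix under their own version numbers.

```python
import re

FIXED = (12, 5, 2)           # fixed release named in the article
AFFECTED_MAJORS = {11, 12}   # affected branches named in the article

# Constructed sample: "<host> <guest os> <output of vmware-toolbox-cmd -v>"
SAMPLE_INVENTORY = """\
web01 linux 12.3.5.46049 (build-00000001)
db02 windows 11.3.5.31214 (build-00000002)
app03 windows 12.5.2.50000 (build-00000003)
old04 linux 10.3.10.10540 (build-00000004)
jump05 windows unknown
"""

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)(?:\.\d+)?\b")


def classify(version_text, guest_os):
    """Map one guest's reported Tools version to a triage status."""
    match = VERSION_RE.search(version_text)
    if not match:
        return "unparsed"          # Tools missing or output not collected
    version = tuple(int(part) for part in match.groups())
    if version[0] not in AFFECTED_MAJORS:
        return "not_listed"        # outside the branches the article names
    if version >= FIXED:
        return "fixed"
    # Assumption: distro open-vm-tools packages may backport the patch
    # without reporting 12.5.2, so confirm against the vendor's advisory.
    if guest_os.lower() == "linux":
        return "check_vendor"
    return "affected"


def triage(inventory):
    """Return {host: status} for every non-empty inventory line."""
    results = {}
    for line in inventory.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 3:
            continue
        host, guest_os, version_text = parts
        results[host] = classify(version_text, guest_os)
    return results


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```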