Vmware · Vmware Tools · CVE-2025-22247
**Name of the Vulnerable Software and Affected Versions**
open-vm-tools versions prior to 13.0.5-alt1
open-vm-tools versions 12.5.2
**Description**
The Open Virtual Machine Tools contain an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper with local files to trigger insecure file operations within that VM, potentially leading to privilege escalation.
**Recommendations**
Upgrade open-vm-tools to version 13.0.5-alt1 or later.
Upgrade to open-vm-tools version 12.5.2.