PT-2025-12803 · Vmware · Vmware Tools
Published
2025-03-25
·
Updated
2026-01-10
·
CVE-2025-22230
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
VMware Tools for Windows versions 11.x.x through 12.x.x
Description
VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control. A malicious actor with non-administrative privileges on a guest VM may gain the ability to perform certain high-privilege operations within that VM. Exploitation in the wild has been reported.
Recommendations
Update VMware Tools for Windows to version 12.5.1.
Fix
LPE
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Tools