CVE-2025-25058

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions VMware ESXi versions prior to 2.2.2.0 (ESXi 8.0) VMware ESXi versions prior to 2.2.3.0 (ESXi 9.0)

Description An improper initialization issue exists in some ESXi kernel mode driver for the Intel Ethernet 800-Series. This may allow an information disclosure. A local, unprivileged software adversary with an authenticated user and a low complexity attack may enable data exposure. The potential vulnerability may impact the confidentiality of the vulnerable system.

Recommendations Update VMware ESXi to version 2.2.2.0 or later for ESXi 8.0. Update VMware ESXi to version 2.2.3.0 or later for ESXi 9.0.

Fix

Improper Initialization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-665

Related Identifiers

BDU:2026-01835

CVE-2025-25058

Affected Products

Intel 800 Series Ethernet

Vmware Esxi

CVE-2025-25058

Weakness Enumeration

Related Identifiers

Affected Products

References · 4